FBI: Just Don't Call Them Backdoors

sandbagger writes: The FBI still wants backdoors into encrypted communications, it just doesn't want to call them backdoors, and it doesn't want to dictate what they should look like. Tech companies [says FBI Director James Comey] 'need' to change their business models – by selling only communications gear that enables law enforcement to access communications in unencrypted form, he says, rather than products that only the parties participating in the communication can decrypt. He also says tech companies should just accept that they would be selling less secure products.

Dear Mr FBI

[Snotnose]

Had you not been spying on all of us without warrants we wouldn't be encrypting our stuff. Act like the bad guy, don't be surprised when your treated like a bad guy.

Re:Dear Mr FBI

^This

I'd like a "rear entry portal" into the Capitol Building, just so I can know how they operate behind closed doors. It should be legal because (a) my tax dollars pay their salary and (b) they're suppossedly not committing any crimes!

This is all of course in line with the FBI's thought process.

Re:Dear Mr FBI

[gfxguy]

I like your style of thinking... but them first.

Re:Dear Mr FBI

[Strangely+Familiar]

And what about Google, Apple, and Facebook? Isn't this just lovely that Comey is telling these companies to make sure there is a way they can read all our communications, even when we try to use encryption? Once the capability is there, the corporate lawyers will simply have us agree in the "end user license" (that we negotiate with them by clicking "I agree") that Google et al. can read and sell ALL our communications regardless of any court order. Nice. I really love where this is headed. Thanks again, FBI. I love you people! You're doing a great job! Always thinking of me! I feel so secure!

Re:Dear Mr FBI

The FBI recently admitted to using 0-day exploits. By definition, this means they do not alert vendors to the the exploits so that they can be fixed. It's not clear to me how this can be viewed as anything but acting like the bad guy. Law enforcement's role is to uphold law, not to catch criminals by any means.

Re:Dear Mr FBI

don't be surprised when your treated like a bad guy.

*You're.

I agree with you, but learn grammar beyond grade-school. It helps make your point more believable, versus it being dismissed as the rantings as some uneducated twit.

Re:Dear Mr FBI

It's called a typo. you know like the "as" in "rantings as some uneducated twit."

Re:Dear Mr FBI

It is not only the spying that bugs me. They can much too easily plant 'evidence' on electronic devices.

Remember all the tons of evidence that came out of the little backwoods shack of the UNA Bomber? O'l Ted must have been really cold in winter, since there clearly wasn't any room for him inside.

With electronic devices you don't have that physical problem. All Ted's manifestos and lunatic ravings would fit on a modern cell phone, with gigabytes to spare for his pr0n collection.

Re:Dear Mr FBI

[bytesex]

All Ted's manifestos and lunatic ravings would fit on a modern cell phone, with gigabytes to spare for his pr0n collection.

Which would give him something to do and keep him warm during those long, cold winters.

Re:Dear Mr FBI

The short and sweet version from both sides of the debate: "Fuck you."

So, Mr.FBI thinks we should just "accept" using less secure products huh? Fuck him, fuck him and anyone else who thinks like that. If he can't do his job without making EVERY PERSON ON THE PLANET LESS SECURE, (which he has proven that he refuses to by making this statement), then we need to find someone who can do his job to replace him.

The government has no justifiable claim in this debate at this point. By making this statement they have given clear indication that their intent is to spy on law abiding citizens without cause. Their case has no merit and should be thrown out. If by some chance this does make it into law, then at the hearing about it's constitutionality, this statement will be a critical piece of evidence to indicate to a judge what the true intent of the government was: Gross violation of the first and fourth amendments. Encrypted communications is a form of speech, this idea of the law is a government ban on it, regardless of what form it takes. (Key escrow, or a real backdoor.) The end result is the same no matter what, and is forbidden for the government to demand it by the first amendment to the constitution. (Which forbids the government from prohibiting any form of speech of the people.)

If the government wants to end encryption they will need to revoke the first and fourth amendments by voting to amend the constitution, and then ratify the amendments in all 50 states. (To which efforts I say good luck, you'll need it.)

Re:Dear Mr FBI

[davester666]

That and the idea that they are supposed to representing your interests.

Re:Dear Mr FBI

The next company to market something secure will make a fortune - and it might even be US based.

However with Apple and others, no start up can afford to do a 'me too' - act and mumble about this and that, glib responses - if they want the billions number they are going to have to open source bits and pass a 'Europe sniff test' and maybe hardware with no eeproms at all. I'm not sure what FIP's is proving, but is sure shows premium US brands were lying and being careless and junk.

You say backdoor. Frankly stock market capitalization means they don't want to play. As CPLD's become cheap, somebody's air supply is about to be cut off with zero backdoor, and if post Snowden, key exchange is done physically - well no because some dont trust anything.

Re:Dear Mr FBI

[drinkypoo]

Cops regularly brandish weapons without cause which is illegal, point them at people without cause which is assault and illegal, kill people without cause which is murder... In fact, here's a damned great statistic: in 2008, there were about 765,000 "sworn personnel", meaning cops with arrest powers. Today, over eleven million US citizens have a permit to carry a concealed weapon. Even if only ten percent of them make use of it, there are still hundreds of thousands more "ordinary" citizens carrying weapons than cops. In spite of this, cops will wrongfully kill more people even than deliberate mass shooters this year. They are killing people who are proven by the evidence to not have a weapon, they are turning off their body cameras before they kill people, they are killing people who they have incarcerated and they are killing people on their way to incarceration.

Everywhere you look, the people who are supposed to protect us and keep us from corruption are more dangerous and corrupt than we are.

Re:Dear Mr FBI

[KGIII]

Ya know... I haven't written any software since the early 2000s. I've hacked some and maybe written a small script or two as needed. I might have poked a few buttons to learn a little as time has passed. But, no, realistically, I'll need to relearn a lot... That's okay.

Maybe it's time to start writing software again? Maybe it's time to just write and host my own software that does exactly what I want it to do, irrespective of the legality, and just accept the consequences? What? They're going to yell at me and ask me to give information that I don't have? Heh... No, the data will be encrypted with *the users* certificates and the certificate store will also be encrypted and no, nope - I don't have those keys, sorry.

What, they want me to stop? How about no? Oh, they're going to do, what, exactly? Put me in jail? Heh... There's not much chance of that happening. I've got a few dollars and a lawyer on retainer. No, no I don't care how much they bleat and blather. If you want to search my property, which includes my communication, then you'll need a warrant for that and it's my *right* to make that as difficult for them as I want.

Re: Dear Mr FBI

Not only that, but I honestly can't remember one time when this agency truly acted in the interest of the people. They are more likely to support terrorist cells than shut them down. If they've shut one down, it's because they wanted a feel-good story, so put together the entire plot and used a complete moron who needed pushing and hand holding. 9/11? When handed all the needed details, they shut down the investigation 3 times, while the CIA specifically gathered the guys from overseas and got them passports over the objections of Saudi US embassy officials. These guys don't work for us.

Re:Dear Mr FBI

Yep.

I've carried for over 30 years, every single day. I'm not a cop, I'm just an average guy.

And yet in all that time I've never shot anyone, nor drawn my gun and pointed it at anyone.

I have a far better track record than 90% of the cops out there, and yet I'm treated like the enemy.

Re:Dear Mr FBI

[KGIII]

You can add pretty much the entirety of eligible Mainers to that list. You no longer need a permit to conceal carry in Maine provided it is lawful for you to own a firearm. Yup... You may still want a permit if you travel (I do and have mine) because this doesn't extend to other states as of yet. Strangely enough, we don't have a whole bunch of crime, firearm violence, or any need to keep track of who has what in their waistband.

No, no don't move there. It's terrible and the people are mean. It's cold and nobody will like you. It's remote and the taxes are too high. It's an awful place and you wouldn't want to live there - not even for the forward thinking with private property ownership rights. You're better off in California or New York, of course. You'd never want to live in Maine.

Re:Dear Mr FBI

[Zontar+The+Mindless]

If the government wants to end encryption they will need to revoke the first and fourth amendments by voting to amend the constitution, and then ratify the amendments in all 50 states. (To which efforts I say good luck, you'll need it.)

It's actually 3/4 of the states (38 of 50).

Re:Dear Mr FBI

Please link your sources. Thank you.

Re:Dear Mr FBI

[swillden]

Once the capability is there, the corporate lawyers will simply have us agree in the "end user license" (that we negotiate with them by clicking "I agree") that Google et al. can read and sell ALL our communications regardless of any court order.

Google doesn't sell user communications, to the government or to anyone else, and Google doesn't provide any data to government that it's not legally compelled to provide.

(Disclaimer: I work for Google, but I don't speak for Google.)

Re:Dear Mr FBI

[LifesABeach]

The U.S. has the equipment, thanks NSA, so that all conversations of government staff can be monitored. If they're not doing anything wrong, it isn't a problem. Of course, government staff can always resign, even the H1B ones.

Re:Dear Mr FBI

Ha hah, what makes you think the Capitol building isn't riddled with obscure passages...

Re:Dear Mr FBI

You missed the point where OP said: "Once the capability is there..." OP was not implying it already happens.

Re:Dear Mr FBI

Not to mention that Google provides open source alternatives.

The one you really need to be concerned with is Microsoft and the heavily embedded spyware in Windows 10 that cannot be disabled.

Re:Dear Mr FBI

[currently_awake]

Google is an advertising company. Add companies are their customers, and the people using their software are the product to be sold. The purpose of a corporation is to make money, selling our communications makes them money.

Re:Dear Mr FBI

[swillden]

Google is an advertising company. Add companies are their customers, and the people using their software are the product to be sold. The purpose of a corporation is to make money, selling our communications makes them money.

Google does make money from advertising. It does not sell your communications. To the degree it makes money from your communications, it does that by scanning your communications to decide what ads would most likely be of interest to you, and then showing you those ads.

Re:Dear Mr FBI

[swillden]

You missed the point where OP said: "Once the capability is there..." OP was not implying it already happens.

Which Google services involve encryption which prevents Google from seeing the data? The capability is already there, and yet it does not happen.

Re:Dear Mr FBI

[rogoshen1]

Then you get labeled as a pedo, or more likely a terrorist -- and then it doesn't really matter if they convict you of anything, your life is over.

Re: Dear Mr FBI

At this point in the game, anyone with any sense is going to treat all comms as if they are compromised anyway.

It won't matter if the tech companies give in publicly, or in secret. It's unlikely the trust will ever be there between tech and the public ever again.

Re: Dear Mr FBI

Nice try.

Re: Dear Mr FBI

That's not what TV and movies think. And everyone knows that's where our culture is defined.

Re: Dear Mr FBI

[KGIII]

Oh no, it's a horrible place with mean people! The winters are deadly and the summers are even worse! The tourists will kill you, the animals are deadly, the people are all armed and dangerous. You don't even want to *visit* Maine. Just come drop your vacation money off at the border.

Re:Dear Mr FBI

[KGIII]

I'm in a unique position where I can say, "Fuck you." I'm unfamiliar with your username so I imagine you may be unfamiliar with my posts and my history. I'm financially able to say, "Fuck you." I'm also able to move to another country, if need be, but I'd really hate to do so. I am, after all, a patriot at heart. It's my patriotic duty to circumvent any attempts they make at weakening encryption. It's my patriotic duty to assist others in encrypting their communication.

Our country was founded by a bunch of terrorists who hid behind anonymity until they'd gained enough popularity and wealth to be able to risk speaking freely. Whilst I'm not a violent person by nature, I am still a fan of allowed anonymous speech. I, for one, am tired of my government trying to keep me safe. I, for one, accept the risks that bad things might happen. Risks are proportionate to gain, often enough. The more liberties you have the more risks it entails. So be it.

Re:Dear Mr FBI

Except you are banned from talking any of this over with your lawyers, as Yahoo and Google were.

Re:Dear Mr FBI

[KGIII]

Yeah, it's bound to be a cat and mouse type of game until they finally bag me up and drop me out of the back of a C-5 somewhere over the South Pacific after treating me to some Monkey Wrench Persuasion but it might be just annoying to irk them and not enough to truly piss them off. I would, of course, go along with any lawful orders given. That's what they make the canary features for. ;-)

Re:Dear Mr FBI

[mikeiver1]

So what if they succeed in getting the "back doors" be mandated in all hardware routers and devices. There will simply be a software encryption done on the data before it is sent to/out of the devices in the first place. To think that they can put the encryption genie back in the bottle at this stage is a pure waste of time, money, and effort and will effect nothing. This is just plain stupid and shows just how out of touch with the reality of the situation out politicians and leaders really are

Re:Dear Mr FBI

You can add pretty much the entirety of eligible Mainers to that list. You no longer need a permit to conceal carry in Maine provided it is lawful for you to own a firearm. Yup... You may still want a permit if you travel (I do and have mine) because this doesn't extend to other states as of yet. Strangely enough, we don't have a whole bunch of crime, firearm violence, or any need to keep track of who has what in their waistband.

No, no don't move there. It's terrible and the people are mean. It's cold and nobody will like you. It's remote and the taxes are too high. It's an awful place and you wouldn't want to live there - not even for the forward thinking with private property ownership rights. You're better off in California or New York, of course. You'd never want to live in Maine.

Amusing. I grew-up in the neighbouring province of New Brunswick, Canada. Maine and New Brunswick are very similar yet very distinct in their own ways. Most people in Maine are polite which suggests politeness might be correlated to cooler climates. ;-) During the 1980s I used to drive to Houlton or Fort Fairfield to buy tight-fitting fashion jeans.

Re: Dear Mr FBI

Well...are you sure? Would you bet your left hand on this? (Disclaimer: you can't even begin to imagine how many fishy things can sneak under your nose in such a big company...posted from my traced android handset).

Re:Dear Mr FBI

Right... Downplay Maine because *everybody* is dying to move to a gun-nut inundated dystopia!

Re:Dear Mr FBI

[KGIII]

I don't get up to The County very often and I probably won't be back in Maine until sometime next year, at the rate things are going. The borders are pretty tight now. I am not a native Mainer but I did go to school at Kents Hill and stayed on campus there. It's where I fell in love with the State and now I've retired to Maine. There's some very polite people in the South. Then there are other cultures where they've a whole different view of what is, and is not, polite.

But yes, I used to cross to go to Canada to drink. Today, after some work and providing proof, I have my citizenship. I'm Micmac, mostly, at a greater percentage than I am anything else. I'm kind of a mutt, really. So, I have land in Canada and am a citizen by grace of heritage. The land is in Nova Scotia as are "my people." I try to get up there once a year but I didn't make it this year and won't have much time to go next year but I'll be sure to fit it in, even if it's just for a week. Now, of course, I must get the missus a passport or a special ID (I think?) if I want to bring her with me.

Re:Dear Mr FBI

[BronsCon]

The thing about "gun nuts" (advocates, actually, but that's another discussion) is that they advocate for ownership of firearms. By way of this, they assume everyone owns and carries, though they may intuitively know that most people do not; not knowing who is and is not carrying, it's safest to assume everyone is. In light of that, gun advocates typically try to avoid confrontation and are generally very polite people until you try to take away their protection piece.

Re:Dear Mr FBI

[KGIII]

That's right. It's absolutely terrible there. The crime is outrageous. It is, by every definition, a dystopia and you shouldn't even visit. There's nothing to see, nothing to do, and they let people run around with firearms! You should definitely never go there.

Re: Dear Mr FBI

But Google doesn't sell your communication or other info. They hoard it and target the ads themself. They're the best of the bunch that way.

Re:Dear Mr FBI

[Citation needed]

Re:Dear Mr FBI

[KGIII]

You are probably explaining it to someone who lacks the initiative or, perhaps, capacity to understand the intricacies beyond the idea that they're afraid and want others to give up their liberties to help lessen that fear. They're gripped with fear and their method of "flight" means taking the objects away that bad people use to cause harm.

Many of us elect to open-carry. More than once, without intending to, I've gone into my credit union while open carrying. Once, and only once, a group of us went into the same credit union all strapped up and carrying hunting rifles. (For those unfamiliar with a hunting rifle, your bullet proof vest isn't going to do you a damned bit of good unless it has the ceramic plates and it still might not help.) We not only didn't harm anyone but we didn't threaten anyone or even rob the place.

I do admit, they looked at us a bit funny but we got some cash out - it was nearing noon on a Saturday and we'd just stomped out of the woods after hiking and hunting our way into town. I've concealed carried into a credit union all sorts of times. They have no idea and, well, I sit on the board so it's not a problem. It's a tiny town with few people and I live outside of even that town, in an unincorporated township. They all have firearms. We've got kids with firearms and they don't always have adult supervision.

And yet, it still works. We've very few accidents and even fewer crimes involving a shooting or even a firearm being used. (Theft of firearms is a bit of a crime and that will skew the "firearm crime" numbers a bit for those who aren't aware of what they actually entail.) We're generally polite but I don't think that's because someone might be armed. It might be why we don't escalate into violence but I don't think it is what makes us polite. We're just neighborly and actually know each other so we give a shit about each other. I imagine that the firearms might stop some of the impoliteness from escalating. ;-)

Re:Dear Mr FBI

[Pseudonym]

Strangely enough, we don't have a whole bunch of crime, firearm violence, or any need to keep track of who has what in their waistband.

As we should all know, the per capita violence rate in the United States is, just like pretty much everywhere else in the world, decreasing steadily over time. However, the mass shooting rate in the United States is increasing over time.

Didn't Maine have a mass shooting just this year? Around July, I think?

Re:Dear Mr FBI

[Pseudonym]

Ha hah, what makes you think the Capitol building isn't riddled with obscure passages...

They're called "riders".

Re:Dear Mr FBI

How does that make your position unique? I suspect that a large number of users on this site alone could do this.

Re:Dear Mr FBI

You accept the risks, because you have the money to, they are tiny riskd.
Without all your money, the average person is greatly at risk from this kind of thing.

Re:Dear Mr FBI

I think so. I think two people died and a couple others were wounded. What's your point? Using the rather silly "mass shooter" metric, Maine's still pretty much at the bottom of the list in both total number and number per capita according to the site that's tracking them. That hardly negates the fact that they don't have a whole bunch of firearm violence. I think we had one a few years before that. A few years prior we might have had one that qualified, someone went on a bit of a hunt and got two or three of them before he was stopped but they weren't all in one location and not all at the same time.

At any rate, I'm seeing that you're trying to demonstrate something with the comment about having one "just this year." Sure, you could probably even say that Maine had a hell of a bad month that month. It we examine more data than just the month of July, say the past ten years, you'll see that it's pretty safe. Firearms don't really have much to do with that safety, I don't think. Sure, they can make us more or less safe. It's more about private property ownership and upholding of liberties and accepting the inevitable risks that accompany freedoms.

All-in-all, with the total number of firearms owned in the State, there's really not much in the way of violent crime as compared to many other areas in the country. Yes, you can find some. I don't think anyone was arguing that there was a rosy place that was crime-free. Considering the depressed economy, lack of an educated populace, the high instance of mental health issues, and the associated disorders due to isolation and decreased hours of daylight - it's kind of amazing that the crime rate is as low as it is.

I do expect an uptick in the crime rates. We're starting to see it now. Our governor, bless his heart, is a Republican named Page. It's redundant to say that he's an idiot but it must be said. He's done everything he can to take people off of the welfare dole and taxpayer-funded insurance. At the same time, he's cracked down on doctors prescribing opiates for pain sufferers. This has, of course, resulted in an increase in street heroin and trading in illegal prescription narcotics. They fail to see or correct the issue and feel inclined to "stay the course."

So, there's going to be an uptick in crime and it will not do the numbers any justice because the population is low so the percentages will be higher than they might be. It's going to reflect poorly on the State - I'd estimate within two or three years. It will still be very low-crime but it'll probably appear to be higher than it is. If 100 people are killed in just Chicago by firearms that's a trivial thing. That'd wipe out 1/10 of the village and my entire unincorporated town. It's also really unlikely... But they're not going to be good numbers at all.

Like I said, it's a horrible place and you wouldn't want to live there. People are carrying scary guns with them and you might not even know it. They think in terms of personal accountability, private property, liberty, and have strange notions about not punishing the masses because of the mistakes of the few - in some areas, at least, but nobody is perfect and the governor is less than stellar.

So no, you wouldn't want to go there. There are crazy impoverished people with guns and they're all lacking their opiates so they're raving addicts who will kill you for the shoes on your feet if it means they'll get their next fix. It's a scary place and people who are afraid probably shouldn't go there.

Err... I have to post this as an AC. My post limit has been reached. It's 50 posts no matter how high my karma goes. I'm not too fond of that limit but it seems to apply to all of us no matter how arbitrary it seems. At least it's obviously me. Anyhow, part of my post is snark (I admit such) but the point is the same. Yes, there was a shooting. Yes, it's very rare and, statistically speaking, it's rare enough so that it is even low on the per-capita rates.

A "mass shooting" (now there's a loaded phrase meant to cause f

Re:Dear Mr FBI

Make sure to click expand to read the last few paragraphs. There's some actual facts there. I knew it was long but I didn't realize it was that long until after I didn't bother checking the preview and just hit submit without thinking. Yes, yes you *can* find a "mass shooting" (a phrase for controlling the narrative if I've ever heard one) and yet, Maine's the safest State in the Union. Most stats are drawn from the FBI factbook and Wikipedia or from Google's search results.

Key points being, nobody stated it was perfect. Just that it was better and, factually, it's much better when compared to what it should be given the other metrics. The law was not in place, well had not yet taken effect, when the shooting took place (as far as I recall - I think that happened on the 1st of August). Maine has more firearms than it "should have" proportionately speaking. Maine is more impoverished, less educated, and has more single parents than it should have. Maine has more unemployment, mental illness, and isolation than other States. Yet Maine's the safest State in the Union.

Ayuh... Can't get there from here.

Re:Dear Mr FBI

You really suspect hat a large number of users here have dual citizenship, money invested in foreign markets, and enough liquid assets to just move themselves to another country without a job, without needing to maintain a reputation in order to seek gainful employment elsewhere, and being able to take their family with them if they want to go?

Not sure if serious or just unsure of your grasp of the situation. Most of the people here, that are also in the US, don't even have a passport. Most of them haven't paid off their house and almost certainly can't just pick up and move themselves and their family to a whole other country because they opted to tell the government to go piss up a rope. If they could, they probably would have.

I'm thinking you don't have your passport either and have no idea how difficult (or expensive) it is to just move to another country and don't realize how difficult it is to do in a timely fashion. Maybe you think that Slashdotters are something they're not? I've met a number of them in the real world and they don't have the ability to just up and move to a new location at a moment's notice. Most of them can't even just pack their bags and go off to a new State for a job. They have things like commitments, family, and careers. They're not a bunch of hobos.

Re:Dear Mr FBI

[KGIII]

Yup. That's why I'm thinking that it's something I should probably work on and something that I should relearn. I'm in a position where I can take advantage of the situation and I can accept the risks. I'm at less risk than others and I'm more able to defend myself. To be honest, this is kind of a burden that I should be taking.

So, I'm going to have to consider myself as starting anew, from scratch, and will have to go on from there. I'm picking PHP back up as a project. I used to be fairly fluent in C and could muddle my way through C++ with the help of USENET. I know/knew some PERL and some of my PERL is still out there being insecure and horrifically complex to this very day. Hell, even my PHP code, some of it, is still out there - some dropped and others still picked up and maintained.

Consider this a blank state... I can setup a development environment but it's going to need to be done on Linux. I have a web option and I have a self-hosted option. Then I have languages - where should I begin anew? Should I go back to pounding out bad C and relearn that? C++ seems to be a solid choice. I bought a bunch of Python learning material recently. I haven't *really* picked it up and dug into it. Should I go web and just use it as a socket connector where they have their own signed certs and share them as they see fit maybe?

Hmm... This could be fun and I'll be settling in, hopefully, Florida for a little while this week. I've only got laptops with me but I can connect to home just fine. There are a couple of older desktops (maybe two or three years old) at the house in Florida so there's that or I can just buy a couple more workstation-class machines and see what comes of it.

Maybe I need an AskSlashdot question. ;-)

Re:Dear Mr FBI

[donaldm]

Surprisingly I actually use NSA software on my PC. It's called SELinux and it is fully open source which means that it is very difficult to install a back-door into it without someone blowing the whistle.

Why do I use this software? Well if it is good enough for the NSA who don't like being spied on then it is good enough for me. Of course SELinux won't prevent spying on any data that leaves my computer so encryption is essential for sensitive data.

Re:Dear Mr FBI

No one said 'most' numb nuts. There are millions of users on slashdot. And plenty who were here in the late 90s, and likely in their 40s or older. It is not a unique situation. It just pointed out that there are plenty of people in certain sectors who could easily move overseas. It's not difficult for a US software developer to find a position in Europe or elsewhere with a good resume. with There are plenty of foreign IT workers in the US, as there are plenty of IT workers with dual nationalities. And then, there are people who have the money to just move and expedite the process.

Re:Dear Mr FBI

[Pseudonym]

I have no doubt that Maine is pretty safe by United States standards.

I wasn't really trying to make a point. But if you'd like me to make a point, it's this: Violence probably has less to do with the amount of hardware that it's possible to be violent with, and more to do with the culture of the place.

It's useless to compare the number of guns per capita by country, because no other country is in the same league as the United States. However, if you plot the violent crime rate versus the gun ownership rate, there is a positive correlation which largely disappears if you exclude the United States. If there is less violence in Maine, it's probably because the culture of Maine is less violent than other places.

Using the rather silly "mass shooter" metric [...]

So far, nobody has proposed a fairer metric which measures what we mean by "mass shooting". It's less silly than only looking at people who died.

Re:Dear Mr FBI

See the relevant XKCD, please: http://xkcd.com/538/

Yeah yeah, you're a unique special snowflake with money and rights and guns and... they break down your door, you vanish and that's all she wrote. In whatever middle-Eastern hellhole you end up they put a drill to your knee and go at it for 30 seconds. You spill how much milk you sucked out of your mother as soon as you stop screaming long enough to draw breath, all bravery forgotten.

You're done. You love Big Brother.

Re:Dear Mr FBI

[q4Fry]

...and Google doesn't provide any data to government that it's not legally compelled to provide.

That's cute. This story is about the government expanding "legally compelled to provide" to things $TECH_COMPANY says it is currently unable to provide, and speculating about $TECH_COMPANY's response to this mooted expansion.

Re: Dear Mr FBI

[q4Fry]

I'm not very familiar with Maine. Do they speak English there? Or Canadian?

Re:Dear Mr FBI

OK you work for The Goog. Go to the Data Center and physically trace the connection out. I bet you will find to cabinets just beyond the Telcos border routers. Those will be your harvesting nodes for the NSA. Granted I haven't been in Googs DC but for Yahoo this is the way it works. I have seen it with my own eyes and watched the NSA install these.

No there is no "direct" tap into Google or Yahoo it is one hop up the network. Yes they have Versign in their back pocket so getting the private SSL key is trival. A little SSL Strip at the harvesting nodes and now all traffic copied off is in clear text.

Goggle may not sell the direct data of the users but they sure sell data on the users. It how they make their money. You do work for a private spy agency. Sorry its just the truth. Maybe you should work for a more honest company.

Re: Dear Mr FBI

[LinuxLuver]

+ 10,000

Re:Dear Mr FBI

Thank you for that, it was inspiring. :)

Re:Dear Mr FBI

[Speck'sBacon]

My first thought was that this could be damning of law enforcement, but the flaw in this argument is the fact that law enforcement officers as a consequence of their job intentionally engage dangerous individuals, whereas trouble is unlikely to befall most individual citizens minding their own business.

Re:Dear Mr FBI

[Shirley+Marquez]

Passwords are the only notable example. Best practice for passwords (which Google follows) is to hash them when initially entered (using a one-way hash, not an encryption scheme that can be decrypted) and to only store the hashed version. Google has no ability to recover your password from the stored information; that's why you have to change your password when you do password recovery rather than having them tell you the old one.

Re:Dear Mr FBI

[DEN_GUY]

Had you not been spying on all of us without warrants we wouldn't be encrypting our stuff. Act like the bad guy, don't be surprised when your treated like a bad guy.

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. - Ben Franklin

He knew about this a couple of hundred years ago. And let us not forget George Carlin's prophetic words:

"When fascism comes to America, it will not be in brown and black shirts. It will not be with jack-boots. It will be Nike sneakers and Smiley shirts." - Beware those who "know what's good for you".

We are giving away the most amazing thing human beings have ever done, the decision and experiment that they can govern themselves. It's dying in our lifetimes.

Why isn't everyone MAD about this?

Re: Dear Mr FBI

[abmw]

A'Yah just hate Maine.

Re:Dear Mr FBI

Maine has more incidents of gun violence per 100,000 in population than what are often thought of as high-crime states such as New York and California or Washington DC. Fact.

Re:Dear Mr FBI

[dl_sledding]

Um, bullshit, have you ever heard of "Google Fiber"? You work there and you don't know about this yet? They make a really big deal about it...

Here:

http://lmgtfy.com/?q=google+fi...
https://fiber.google.com/about...

Or, how about:

https://mail.google.com/

OK, maybe a bit sarcastic, but really... A Google employee that DOESN'T know Google is most certainly in the communication business?? Come on... That's all Google is about, is communication.

Re: Dear Mr FBI

But But I thought I would learnt some one some gramers as in as they could as smart and such.

Re: Dear Mr FBI

[KGIII]

A combination of both, depending on where you are and if using a loose definition of English.

Re:Dear Mr FBI

But lobster in Maine is fresh and cheap.

Re:Dear Mr FBI

[doccus]

^This

I'd like a "rear entry portal" into the Capitol Building, just so I can know how they operate behind closed doors. It should be legal because (a) my tax dollars pay their salary and (b) they're suppossedly not committing any crimes!

This is all of course in line with the FBI's thought process.

Well that's the problem.. isn't it? American society has been letting the DHS, CIA, FBI, and IRS practice their "rear entry" on us for years, so it's no surprise they now want more!

Re:Dear Mr FBI

implied suffix - 'that you know of'

Re:Dear Mr FBI

The FBI recently admitted to using 0-day exploits. By definition, this means they do not alert vendors to the the exploits so that they can be fixed. It's not clear to me how this can be viewed as anything but acting like the bad guy.

Not that I'd believe if it if I heard them say it, but to debate fairly, one could presume they would claim to only use the 0-day exploits to like, defuse ticking timebombs and rescue kidnapped children and the like. And that they'd never screw up, or have security measures that fall against adversaries tempted by monetary gain to leverage the mostly secret technology. But of course this whole thing is a farce on so many more levels. But it is important to hammer on the obvious points in the obvious ways.

Re:Dear Mr FBI

[KGIII]

Unholy, extremely long-lived, bugs of the ocean that live on the floor of the ocean and eat garbage! They're expensive and horrible! Never move to Maine!

Err... I get 'em off the boat at wholesale prices. You can actually buy lobster, it's actually good too, at McDonald's - I've gone there just to try it. It's cheap and it's real lobster in good sized chunks.

But no! Don't move to Maine. They've got a Republican governor who's hell bent on destroying everything. (That's kind of a ritual. Whatever governor we have now is ruining everything and the next one comes along and fixes it and then proceeds to ruin other stuff.) The economy is at a stand-still and the environment is deadly! Also, the black flies and mosquitoes are deadly!

Re:Dear Mr FBI

Our country was founded by a bunch of terrorists who hid behind anonymity until they'd gained enough popularity and wealth to be able to risk speaking freely.

The Founding Father's of the USA were absolutely not terrorists.

Quite the opposite.

Nobody got hurt in the Boston Tea Party.

It was the British, not the colonials, that escalated things to the point of open warfare.

The Colonials fought the British quite openly at Breed's Hill, Lexington, Concord, Bennington, Saratoga, NY, and so forth. No terrorist is ever willing to face a regular military on the field of battle. Terrorists are cowards.

There was - throughout the whole period - no attempt by the Founding Fathers to use terror in a misguided attempt to cause political change. They were too smart for that. Like any rational and mentally healthy person would realize, they knew such actions would be counter-productive (as they always are).

It's only the mentally ill and stupid that resort to terrorism.

Re:Dear Mr FBI

[KGIII]

Violence and intimidation are required for terrorism. Not that someone gets hurt. There were lots of acts of violence and intimidation. Britain doing it was not terrorism, they were the State, that's run of the mill despotism. There's no need to ascribe more to the word than is required. Sometimes terrorism works for the best. The Jews in Palestine, for example, used terrorism to get the UK to act on their promise.

Re: Dear Mr FBI

What you need to do is help fund the EFF if you can.

Re: Dear Mr FBI

[KGIII]

I already donate a significant sum to the EFF on a fairly regular basis. Usually once a year I make a larger donation and then I make a few smaller donations as they pop up in conversations and I am reminded to donate. My most recent donation was 48 BTC when they were worth some ~600 each. It was easier to donate them than to figure out the taxes on them. I did not write off said donation.

Re:Dear Mr FBI

[swillden]

implied suffix - 'that you know of'

Nope, that suffix should not be added. What I said is just what Google's own public privacy policies state. And given that Google is already being audited regularly by the FTC for potential privacy violations (pursuant to the 20-year consent decree that came out of the Buzz investigation), people at Google would have to be really stupid to blatantly fail to comply with those public statements.

Re:Dear Mr FBI

[Schmorgluck]

How has this been voted as "Troll"? I'm not quite as optimistic about Google and its use of user data, but some people are pathologically trigger-happy with downvotes.

Re:Dear Mr FBI

[swillden]

Agreed on the "Troll". As for whether my statement is "optimistic", read Google's privacy disclosure. Unless you think Google is willing to take the risk of flat out lying, that's that. Lying to customers is pretty risky for public corporations, and dramatically more so when the corporation in question is already working under an FTC consent decree regarding the exact topic, and subject to regular audits by the FTC.

FWIW, as an employee, with a much better view than the public, I see absolutely no evidence of any dissembling, or even any wish to dissemble about privacy within Google.

Re:Dear Mr FBI

[BronsCon]

KGill actually addressed that...

Re:Dear Mr FBI

[Agripa]

and Google doesn't provide any data to government that it's not legally compelled to provide.

Which under the third party exception is all of it. You are technically correct which is the best kind of correct.

Re:Dear Mr FBI

[swillden]

and Google doesn't provide any data to government that it's not legally compelled to provide.

Which under the third party exception is all of it. You are technically correct which is the best kind of correct.

Well, being technically correct is certainly better than being flat wrong, which is what you are.

The third party exception is completely irrelevant here. That applies not to what government agencies can legally compel companies and individuals to provide, but to what espionage-derived data the NSA may acquire. The NSA is technically not allowed to spy on Americans but if they can get the data from a third party who willingly provides it, they're legally in the clear. Google does not willingly provide data. Foreign powers may be successfully spying on Google and turning that data over to US government agencies. We can't know, although Google does everything possible to prevent such espionage.

So, barring successful deep penetration of Google by, say, GCHQ, the FBI is restricted to what they can compel from Google via legal channels: NSLs, warrants and subpoenas. All of these vehicles have restrictions on the type and scope of data that can be obtained, and all allow the recipient to challenge their compliance with the law. Google does challenge requests that don't meet the relevant legal standards. Those that do, of course, or those where the courts reject the challenges, must be complied with.

Re:Dear Mr FBI

[Agripa]

You no longer need a permit to conceal carry in Maine provided it is lawful for you to own a firearm. Yup... You may still want a permit if you travel (I do and have mine) because this doesn't extend to other states as of yet.

Technically both situations you describe are still unlawful under federal law. As far as BATFE is concerned, the Gun Free School Zones Act requires that you have a permit issued by the State in which you are carrying making unlicensed carry unlawful in any state and licensed carry unlawful if the license is from a different state despite reciprocity.

The Wikipedia entry on the subject has a nice letter from the BATFE describing the situation as they see it:

https://en.wikipedia.org/wiki/...

Re:Dear Mr FBI

[KGIII]

Unless I'm reading it incorrectly, that has no bearing on anything other than a school zone? I believe there is at least one other state where it is lawful to conceal carry without a permit but I'm a bit lazy so I didn't look that up - I'm going by memory from an article in the Sun Journal. So long as one isn't stomping around in school zones with a conceal weapon then I'm not seeing where that law would make this unlawful. It's not impossible that Maine would make an unconstitutional law but it's unlikely that they did not do their homework first as this law has been a long time coming and has gone through the ringer a few times as it was hashed out, worked, reworded, and then finally finished a few years after it was first proposed (IIRC).

Re:Dear Mr FBI

[Agripa]

Unless I'm reading it incorrectly, that has no bearing on anything other than a school zone?

That is right. And how easy is it to travel through a school zone without knowing it? And "school zone" includes more than just what most people would consider schools.

I believe there is at least one other state where it is lawful to conceal carry without a permit but I'm a bit lazy so I didn't look that up - I'm going by memory from an article in the Sun Journal. So long as one isn't stomping around in school zones with a conceal weapon then I'm not seeing where that law would make this unlawful.

There are now several states which allow concealed carry without a permit and even more states which allow lawful open carry.

Now BATFE is not going out on raids to enforce this but when asked, they specifically pointed out that it is unlawful as far as they are concerned.

It's not impossible that Maine would make an unconstitutional law but it's unlikely that they did not do their homework first as this law has been a long time coming and has gone through the ringer a few times as it was hashed out, worked, reworded, and then finally finished a few years after it was first proposed (IIRC).

The state laws are not in question here; it is the federal law.

The USSC upheld the revised act after they added an interstate clause hook to it but this aspect of the law has not been successfully challenged and I am sure the DOJ is careful to prevent cases where that might happen.

Re:Dear Mr FBI

[KGIII]

Hmm... Do you have any case law that I can look at? I thought you were okay in school zones if you're in a vehicle and not parked at the school? (I usually have no magazine in, no round in the chamber, the firearm locked in the glove box, and the magazines in the center console. Papers are over the visor in a small book and a copy of my permit is on the top, held in place with a paper clip. I'd not bring it with me if I were stopping in at a school, that'd definitely be against the law. I thought if it wasn't loaded and you were traveling through (also for some parks, depending on the park) then you were all set?

And yeah, I don't think it has ever been illegal to open carry in Maine. I didn't recall any other states that had a no-permit-required regulation. Or, more likely, removed from the regulations... (Or perhaps never had one.) I've never bothered to look. ;-) I've always just figured that I'm gonna need a permit and it's not even universal across the states. When I am out of state, I leave it in a safe in the trunk and the ammunition stays in the cab, usually locked in the glove compartment. Then if I am out and about and feel obligated to carry, I check the local laws. Before we had this fancy internet thing, I'd call the local sheriffs office in whatever area I was in and they (often) would have me come down to the station, show 'em my permit and ID, and then say thanks and let me be on my way.

I am actually kind of fond of that though it doesn't happen any more. I guess I could try calling but now I just use Google. I kind of like the idea that if I am in a strange place (I'm not one for staying in a city) and there's a time when I feel obligated to use a firearm then I kind of want the cops to know that there's a guy who's lawfully carrying and he has a permit. I don't carry anything big, most of the time. I've two Ruger's with me and they're both .22 LR.

I'd hate to kill someone but if they keep coming after the first shot (and they might, it's only a .22) then I've the rest of the magazine and am comfortable with my training. If there's a situation where a .22 isn't enough then that's probably a situation where I should be running away. It's not like I'm going to go out stopping robberies or intervening in a gang shootout. That's how you get yourself killed. Fuck that.

At any rate, I thought you could drive through a school zone just fine - even if you had it on you and loaded? I thought you just weren't allowed to stop in the area - like stop and get out of the vehicle because your vehicle was on public property and still considered your domain while you remain in that vehicle. (Driving onto the school's parking lot would be a violation of the law, as I understand it.) I don't generally carry it on me in a car nor do I take one to the school. Not any more, at least. (We had rifles and pistols at my school when I was a kid. I was on the pistol and rifle shooting teams, actually.)

How about...

Frontdoors

Re:How about...

I was thinking veranda doors. Still in the back but more welcoming.

Re:How about...

[Quasimodem]

I prefer a cupola. You can really get a good overall view from a cupola.

Re:How about...

[Anomalyst]

How about a howdah so the Dipwads can ride our backs

Re: How about...

[ZeroWaiteState]

A lockbox.

"Getting in the way of our work"

"We see that encryption is getting in the way of our ability to have court orders effective to gather information we need in our most important work"

So does the Fifth Amendment. What's your point? Gonna put a back door in that too? (Posting AC so the FBI trash men don't come get me.)

Re: "Getting in the way of our work"

Hope you are behind TOR and a few foreign VPN then because otherwise they can certainly find you easily.

A rose by any other name...

Changing what you call it doesn't actually change what it is. If I spend money on sex and cocaine, I will still go to jail even if I refer to it as "a good nights thrashing".

Re:A rose by any other name...

[gfxguy]

The travesty is that you could go to jail doing something that hurts no one else.

Re:A rose by any other name...

It is illegal to defend yourself against your own government. You can't build a lock for your home that would keep them out. If the worst comes to the worst they'll roll a tank through your living room. Even if you set up your house like the gold reserve it wouldn't help you. The only thing that can and will keep unwanted people out of your property is the cops. If it's the cops that are doing it - you're hosed.

Encryption is different. For the first time ever the average Joe on the street is capable of building something strong enough to resist any attempt by the government. They can throw every dollar they have at the problem and still make no progress. You can't roll a tank through strong encryption. No amount of physical force will help you. No threat will work if the target is strong-willed enough. The government must always have the tools to meet you on any battleground - that's their desire. You should never have a one-up on them in anything. You should never have a power that exceeds theirs. You can have your guns but only the gimpy ones that can fire one round a minute. Don't even think about civil war - you wouldn't last one second under a barrage of railgun fire, and that's how they like it. It must be nice being the only person to have the "I Win" button.

Moot Point Now

[Wovel]

Groups like ISIS are now using their own encryption apps so there is nothing that can be done by any US tech companies prevent that. What would the point of making everything less secure be.

Re:Moot Point Now

Because it isn't about terrorism, it's about control.

Re:Moot Point Now

ISIS is a pretext. It's the boogeyman of the year.

Re:Moot Point Now

[stephanruby]

What would the point of making everything less secure be.

The FBI has obviously been compromised by traitors and foreign double-agents.

Their true purpose is to sabotage US technology companies in favor of foreign technology companies.

Re:Moot Point Now

Making everything less secure would allow specific in-power people to have superior access to market data, allowing for maximally profitable insider trading. That is the real goal, all else is just lies to win hearts and minds.

Re:Moot Point Now

Indeed. With ISIS in the picture, we're now allies with Al Quaida in many places. I guess we're building them up for the next thing after ISIS.

Re: Moot Point Now

I often suspect this

Re:Moot Point Now

Uhh, in Paris, everything was done in plain text. The police were so occupied with decoding encrypted data, that they completely forgot to look at the plain text comms.

Re:Moot Point Now

You are correct. Unbreakable encryption is already out there if someone that's serious. Find a trustworthy random number generator (e.g. a quality Geiger counter rather than a CPU RND). Then use them on a Vernam cypher on a non-networked computer physically protected from side channel attacks to encrypt message. Move the encrypted message to network enabled computer to send. Do the reverse to decrypt making sure to wipe random numbers you used to encrypt/decrypt once send/received. According to physics as we understand it, a computer with infinite computing power would not be able to decrypt the message.

Ergo... this is a power grab under the guise of doing it for the xyz cause. ("the children", "terrorism", "organized crime", etc..)

Re: Moot Point Now

Anyone who claims they have the answer to unbreakable crypto is either lying or they have no idea what they are talking about. I spot at least 2 potential weaknesses in your system (which you've obviously never implemented) so I know which one it is in your case.

Re:Moot Point Now

so your government can spy on and control...... now think REAL HARD about this you idiots..... YOU!!!!

Re:Moot Point Now

Their true purpose is to sabotage US technology companies in favor of foreign technology companies.

Bingo.

But those foreign technology companies will have to sell backdoored products in the US. Their non-backdoored products will be available outside the US, including to ISIS and others. As said earlier, it's about control of the US populace.

Re:Moot Point Now

There is another possibility.. they aren't going after the encryption savvy terrorists, but the low liers who use vanilla smart phones, routers, and other technology to communicate. Like on Facebook, you can make an effort to under-share but your less tec-savvy friends will always betray you by over-sharing _your_ information.

Re:Moot Point Now

[NReitzel]

Back a few decades ago, the MP3 file format was created, documented, and some apps became available.

Enter the Music industry, on full tilt attack mode They're still at it. The salient point that they have missed is that it is not the pirates, the sellers, the site operators that made the difference. The fundamental change was the mere existance of a portable, easily exchanged format. What has transpired since then, and what is still transpiring is due to the simple fact that file copying and exchange was made possible.

The same thing has happened with encryption technology. Two factor encryption was created (Thank you Rivest-Shamir-Adleman cryptosystem) and published, and code to accomplish same made public (Thank you Phil Zimmermann). This is the basis - though not the end all - of encryption technology. And that genie is definitively out of the bottle.

The governments can prohibit encryption, penalize encryption, backdoor encryption, whatever they choose to do. Any encryption methods that are secure will be used, any methods that are not secure will fall away. It's become an evolutionary change, and like it or not, there is no going back. These days, any half-competent programmer can design and implement an encryption package that is for all intents and purposes uncrackable in time spans measured in weeks.

The horse is no longer in the barn, people. Live with it.

Re:Moot Point Now

[laird]

Any any non-programmer can download and run secure communications software. All that outlawing secure online communications in the US would do is destroy a large chunk of the US technology industry, as everyone would shift to buying technology from more rational suppliers.

Re:Moot Point Now

Seriously - who give a fuck what the ISIS do - its not our problem and never was, this is a middle east issue not a global issue.

They can do what ever the fuck they want for all I care, it has nothing to do with me.

Re:Moot Point Now

[sociocapitalist]

Groups like ISIS are now using their own encryption apps so there is nothing that can be done by any US tech companies prevent that. What would the point of making everything less secure be.

Even worse groups like IS often use no encryption whatsoever and the law still can't stop them.
https://www.schneier.com/blog/...

Re:Moot Point Now

because 1984 IS their instruction manual and they are really afraid of the smart tv manufacturers encrypting the communications between the tv and their servers.

Re:Moot Point Now

[Schmorgluck]

It's a bit exaggerated to state it so, but not by much. By every account of knowledgeable people, security forces don't have a need for more ability to collect data, but for more manpower to exploit data. None of the attackers in Paris were unknown to the security agencies. Their radicalization was right there, registered in the files. But the files have grown too huge for the available personnel to handle properly.

Like Microsoft Skype and Hotmail?

They want to expand PRISM, remember PRISM?

http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data

The documents show that:

  Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

  The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

  The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

  Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;

  In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;

  Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

In June, the Guardian revealed that the NSA claimed to have "direct access" through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.

Blanket orders from the secret surveillance court allow these communications to be collected without an individual warrant if the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time. Targeting US citizens does require an individual warrant, but the NSA is able to collect Americans' communications without a warrant if the target is a foreign national located overseas.

----------------------

So all the private communications you have well the US grabbed them stuck them in giant databases to be datamined at the whim of the military complex without judicial process.
And all the companies involved knew it, and helped. Microsoft even helping remove the encryption on future version so the NSA could slurp down their data more easily.

So when you want to use Cloud Office Services, remember that your companies documents are directly available within any judicial process to the spys for the military industrial complex.

Re:Like Microsoft Skype and Hotmail?

[slacklinejoe]

Not sure about the above, but to be fair, keep in mind that MS is creating new data (and expanding existing) centers in Germany - with the emphasis to get away from NSA snooping. They used the fact that the NSA pissed off Germany with basically act of war level spying to get German support to move the O365 & Azure DCs there in a safe haven. There's talk behind the scenes to start offering customers an intentional geo-deoptimization to shove sensitive data outside of NSA reach - without charging for it. The MS data center SSPs I work with regularly are actually kind of excited about it as they trust the Germans more than the American Gov - what a weird world... Not saying this will work, we might be just trading one privacy insensitive government for another, but that's the chatter that I'm hearing.

Re:Like Microsoft Skype and Hotmail?

[swillden]

In June, the Guardian revealed that the NSA claimed to have "direct access" through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.

FWIW, David Drummond, chief legal counsel for Google, denied that Google has ever given access, direct or indirect, to the NSA. Snowden's documents made clear that the NSA was tapping communications links between Google data centers, which may have been the basis for the "direct access" claim. Google quickly moved to encrypt all of those communications links, though, so if that was the "direct access", it's been shut off.

Re:Like Microsoft Skype and Hotmail?

so if that was the [only method of]"direct access", it's been shut off.

there, ftfy. The rest of the logic should be obvious enough- see stories about the infiltration and subversion of Gemalto (AFAIK the *only* company making gpg blessed smartcard hardware for many years). Or to spell it out for the dense, the idea that a company as large as Google can't have it's security infiltrated and defeated by the CIA and NSA is a hoot. These people have the wherewithal to create fake employees with fake life histories that perfectly match job requirements. The *only* defense is distributed open source. And even that is pretty much a farce when it comes to defending against professional IC attacks.

Re:Like Microsoft Skype and Hotmail?

[swillden]

Or to spell it out for the dense, the idea that a company as large as Google can't have it's security infiltrated and defeated by the CIA and NSA is a hoot.

No one made that claim. I certainly wouldn't. And we were talking about "direct access", not full-on espionage. No organization is secure against that.

I design and build security systems at Google. These days I work on Android, but before that I worked on Google's internal security systems. And before that I was a security consultant for 15 years, working with banks, government agencies, even military organizations. So, I have some context when I say: Google's internal security is really excellent, with deeply layered interlocking defenses, both technological and procedural. And the defenses are designed specifically to prevent and/or detect internal attacks, because it's insiders who have the best opportunities for attack.

I would never claim that it's impossible that Google's systems have been infiltrated. But I will say that it would require a high level of sophistication to do it, because you'd have to place multiple people in appropriate roles in multiple systems, and those people would have to collaborate very carefully... and there would still be a non-trivial risk that they'd be caught.

If I had to put money on it, I'd bet that government agencies do have people in a few positions, and that they're able to get some stuff, but I'd also bet they have to be circumspect and keep their take very limited to avoid getting caught. My guess is that the government gets nearly all of what it gets from Google through the front door, with legal demands that are scrutinized by Google's lawyers, and met only when they comply with all relevant legal requirements.

Just call it a Rearer

Just call it a Rearer

this is why we must retain control over devices.

If people can control their own devices, and the hardware is also on their side, then it is not the FBI's choice. People can run whatever they wish.

But if we insist on buying devices that more and more treat their owners like the enemy to keep out, this becomes impossible. Even if there are some security holes to exploit to root the devices, that is beyond all but a tiny few who would be able and would bother to.

It is critical for this trend towards owner-hostile devices to be reversed, or the fight can only be lost. Already it seems 90% lost.

Every time you buy a locked down device, you are part of the problem.

Well, I've never called the FBI 'backdoors'

[fleabay]

We always called them call them Female Body Inspectors, but Backdoor Men is more appropriate. They don't care if you're male or female, they just want you to bend over and take it. BTW, they are trying to establish the new normal.

Re:Well, I've never called the FBI 'backdoors'

since this is the sub for renaming, backdoors should be called "rear entrances", that way I can really have fun talking about software at work

Re:Well, I've never called the FBI 'backdoors'

[ChunderDownunder]

We always called them call them Female Body Inspectors

I'm sure there would be plenty on here volunteering for a bodily inspection by Dana Scully!

cat, bag, out

[Black+Parrot]

A lot of public officials seem to think that encryption will just go away if they outlaw it.

Or maybe they think routers can automagically decrypt user messages.

Re:cat, bag, out

[sumdumass]

Sometimes routers can decrypt user messages. It is called a man in the middle attack. About any router capable of deep packet inspection can also achieve this withssome patches but they can also be programmed to record sessions to other storage devices which could be replayed later unencrypted.

Of course there are ways to avoid that but you have to be actually trying to avoid it in most cases. This may be less of an issue after the Citibank situation in 2006 or 2008, but still exist as a concern.

Re:cat, bag, out

Sometimes you just hang it off the router.

                              https://www.niksun.com/product...

Along with the world's best war-dialer for phone spammers:

                                https://www.niksun.com/product...

The technology was developed mostly by James B. Van Bokkolen, one of the founders of the old company FTP Software. (Does anyone else remember them? They had the first *good* TCP stack for Microsoft operating systems.) Frankly, I wish he'd taken his buy-out money from FTP Software and retired to raise horses with his wife.

Just Call Them...

...anuses..
*

Suggestion

May I suggest "Patriot doors".

Somebody needs to

[fredrated]

hit this guy with a clue stick. Asshole.

Re:Somebody needs to

You mean glue stick.

Re:Somebody needs to

More like cement truck. Braindead.

Re:Somebody needs to

I think you found a new name for them. Maybe they should look like balloon knots.

Nope...

[jaymz666]

There is no way to guarantee nobody but the FBI can access these "back doors", or to guarantee that the FBI will do the right thing.

The business model of the FBI needs to change.

Re:Nope...

[wvmarle]

It provides great opportunity for foreign companies to produce similar products, but better and cheaper as they don't have to add this insecurity.

Thanks to the FBI, Chinese-built software may very well become the more secure choice over US-built software.

And that's before the keys to the FBI-mandated back doors are leaked or cracked or whatever making them available to the world at large...

Re:Nope...

Who is the dickweed modding all of these comments funny? It is not fucking funny.

Re:Nope...

Isn't encryption sort of perfect here ? FBI / NSA can just use massive compute to break encryption one at a time, with a warrant. Everyone wins.

Re:Nope...

Will the FBI provide insurance against all of the losses from fraud due to the use of this new not-a-backdoor backdoor?

Re:Nope...

The business model of the FBI needs to change.

âoe[T]hat morning before one of those terrorists left to try to commit mass murder, he exchanged 109 messages with an overseas terrorist,â Comey says. âoeWe have no idea what he said because those messages were encrypted. And to this day I canâ(TM)t tell you what he said with that terrorist 109 times the morning of that attack. That is a big problem.â

And what is that business model? Suppose, hypothetically, those messages were sent over a compromised system. Would the FBI have prevented the attack? They don't prevent the attacks when the goddamn Russians alert them about the Boston bombers. If there was traffic ahead of the recent unpleasantness in California - be it plaintext or encrypted - they still did nothing. What would have been different about the outcome of the Texas case had the formerly-secure communications of 300,000,000 Americans been compromised?

Re: Nope...

Leaked keys are a given. Not hearing of this as wild render the whole argument of insecure products moot.

Re:Nope...

The FBI gets mod points too.

Re:Nope...

Good call - the problem isn't encryption the problem is attitude and goverance.

Not backdoors? Different term?

Backdoors not descriptive enough?
How about "lubricated manholes" as a more apt description.
 
Capcha text is "violator", how appropriate with what the FBI want to do here.

First Build Safeguards into the FBI

[Etherwalk]

If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need the FBI to put MUCH better accountability in place to ensure that THEY are not doing anything criminal. BEGINNING with a reliable and INDEPENDENT commission that can be approached by whistleblowers without fear of reprisal and that has the independent power to declassify anything they believe is government action in violation of Federal Law.

Because they do things that are criminal. Like, for example, mass surveillance, parallel construction, and to some extent the entrapment they use as effectively a primary tool for big investigations.

Right now we don't have the accountability to ensure that our government isn't acting criminally. We just fucking don't. They are mostly a black box saying that nobody else should be a black box.

Re:First Build Safeguards into the FBI

[fuzzyfuzzyfungus]

A black box with a known-lousy history of misusing the power they have available; which isn't exactly more encouraging.

Re:First Build Safeguards into the FBI

You mean like putting the split in between the NSA and FBI? The one Bush removed?*

Removing that split allowed the "Parallel Construction" path, with NSA handing evidence it obtained illegally (or perhaps faked) while getting the DEA & FBI to cover up the true evidence trail from the courts.

And it also allowed FBI to turn NSLs into mass surveillance devices. FBI turns up with an NSL, insists on putting in a box on the network to only capture 'meta data', the box is run by the NSA, slurps down all the passwords SSL keys and data. NSA hands back to FBI only the meta data it can legally have. Or like they did with Lavabit, demand Lavabit provide the SSL keys so they could decrypt all traffic perhaps? Again only to collect metadata.. honest.... except is the NSA that taps all the networks, so the NSA would get all the keys and all the data.

The problem here is the FBI which would be required to keep the NSA in check on behalf of Congress and the Judicial branch, has instead become a co-conspirator in many of the NSAs illegal schemes. When NSA pisses all over the constitution who exactly is supposed to march in and raid them? The boy scouts?

*Bush's company Arbusto Energy was rescued by Saudi Binladin Group. (Yes that Bin Laden). So of course he wouldn't do his job and let FBI and NSA co-operate on stopping 9/11. Of course he refused to act when CIA demanded an emergency meeting, they shouldn't have named their memo "Bin Laden determined to attack the US", as soon as he saw Bin Laden, I bet the memo went in the bin.

Re:First Build Safeguards into the FBI

[ShanghaiBill]

All we have to do is put the right people into office.

No way. That doesn't even work with HOAs, which are democracy on the smallest scale imaginable. I have never met anyone that likes their HOA, or feels they represent their interests. So how can it possibly work with a national government of 330 million people? The solution is not "the right people", because that will never happen, but the right systems, including checks and balances, and an adversarial relationship between bureaucrats and their legislative overseers. The first sign that we are on the right path, will be when we start treating whistleblowers as heroes rather than traitors.

Re: First Build Safeguards into the FBI

This anti-encryption fixation is reminiscent of all of the Iraq talk after 9/11. Iraq had nothing to do with 9/11 but the powers that be had an agenda so they kept bringing Iraq into the narrative even though the two were unrelated. So goes all of this anti-encryption talk being inserted into the ISIS debate. It's fear mongering 101.

Re: First Build Safeguards into the FBI

[Alypius]

The Bush Administration never said Iraq had anything to do with 9/11. That's a false narrative that was pushed by anti-war activists back in 2002.

Re: First Build Safeguards into the FBI

It looks like things are a bit more complicated than that:
https://en.wikipedia.org/wiki/Saddam_Hussein_and_al-Qaeda_link_allegations

Re:First Build Safeguards into the FBI

[AmiMoJo]

The problem will always be foreign governments. I don't want the FBI to be able to decrypt my communications under any circumstances, and they have no legal jurisdiction over me as I'm not a US citizen. Worse still, US constitutional protections don't apply to me so they don't even have to pretend to have permission.

Anything with an FBI backdoor is automatically banned for me.

Re:First Build Safeguards into the FBI

The public cannot make informed decisions when everything is not only secret but our own government, on both sides of the aisle, have been repeatedly caught lying and violating their own alleged rules.

When it comes to privacy neither than FBI and NSA, neither Democrats nor Republicans, can longer be trusted. They will continue to lie to us and frame it as "national security". Major Tech companies need to plow ahead with zero-knowledge encryption. And if they don't have the courage to stand up to megalomaniac control freaks in the government, little guy open source guys need to get the code out there for anyone to use. FBI and NSA need to learn to get off their fat asses and get back to some old school investigation leg work rather than trying to be Orwell. If there are more terrorist attacks and more criminals so be it. The price of freedom.

Re:First Build Safeguards into the FBI

That was supposed to partially be the FISA court. It could have been if say the court also was a place that whistleblowers could go, since FISA is basically secrete, it COULD have been a place that people in government could go to have judges look in to abuse.

As it stands now, FISA was been legislated in to being another rubber stamp.

Re:First Build Safeguards into the FBI

[cfalcon]

> If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need

It's not decryption they want, it's a backdoor. If there's a back door, it was never really encrypted to begin with.

And what we need is encryption that works and is implemented properly- with no back doors. The idea that the government has the right to spy on each and every thing that is said at any time, at any place, and push it through whatever the latest grep / pattern analysis / AI farm- is ludicrous. It's simply ludicrous.

Encryption- not back doored encryption where you are trusted with a slave key and a bunch of people in the shadows have a master key- is the only answer.

Re: First Build Safeguards into the FBI

[bytesex]

I remember clearly that they did. It wasn't their biggest argument, and it was their first argument (rather it came about when it became clear that the people at large weren't buying into Colin Powell's magic show at the UN), but it was pushed nonetheless.

Re: First Build Safeguards into the FBI

I remember clearly that they did

Like Donald Trump clearly remembers those thousands of celebrating Muslims in New Jersey?

Re: First Build Safeguards into the FBI

[sumdumass]

Their argument was never that Iraq was behind 9/11, it was always that the devastation of 9/11 proves we cannot wait until after an attack and treat it like a law enforcement measure because the risk to innocent human life was now too large. And because of Iraq's connection to terrorist groups including al qeada and their resistance to verification of WMDS as outlined in the armistice, we couldn't wait for something to happen before acting against them or terrorist groups.

The connection between Iraq and 9/11 was only in that we had to take threats more seriously and stop them before action was taken or enabled in order to prevent future 9/11 magnitude attacks. We knew Iraq had contact with several terrorist organizations including al qeada, offered $25,000 to families of suicide bombers, we couldn't verify the WMDs in Iraq and rhetoric from Iraq itself put the question in place. Bush and Co. Said because 9/11 happened, we couldn't allow that to go on else another 9/11 could happen again. It changed how we look at threats and how we respond to them.

Re:First Build Safeguards into the FBI

[sumdumass]

FBI is domestic so you wouldn't be worrying about them unless you are in the US or in communication with someone or something that is.

  What you need to be concerned with is the CIA and the NSA unless you are in a terrorist hotspot which you can add sigtel opperations by various military organizations including those of other countries too.

Re: First Build Safeguards into the FBI

One of their arguments was that Saddam had links with Al Qaeda
I don't think they said they supported the attack on the twin towers, but they didn't go out of their way to disabuse a link and did try to create the impression that Saddam supported the group behind it. Other people thought such support unlikely.

Re:First Build Safeguards into the FBI

[Antique+Geekmeister]

> then we need the FBI to put MUCH better accountability in place to ensure that THEY are not doing anything criminal.

The FBI has demonstrated that they can, and will, use their privileged access to monitoring to abuse and harass innocent people, and to perform criminal behavior to go after the "big fish" or the "kingpins". They've also demonstrated fundamental incompetence in handling chronic, lower level crime such as identity theft, "copyright violation", inter-state stalking of minors and domestic abuse escapees, and large scale online fraud. I've simply seen no evidence that they can do _anything_ competent that involves computer security. The few convictions they've gotten credit for were basically handed to them by informants or by aggrieved victims who were compelled to interact with the FBI to obtain subpoenas from other states.

I'm afraid they're just not competent at handling computer crime. The personnel in the department may be dedicated, they may even be technologically competent: whether the problem is one of skills or leadership _does not matter_. Expanding their mission by providing decryption tools for all traffic will simply deluge them with work they cannot handle.

Re:First Build Safeguards into the FBI

[reboot246]

That's an interesting re-write of history. Maybe you should look up Jamie Gorelick and the "wall of separation" that essentially made 9-11 inevitable.

Re: First Build Safeguards into the FBI

[Antique+Geekmeister]

They also claimed that Iraq had strong Al Queda ties. According to the US House of Representatives, they lied repeatedly about it.

              http://web.archive.org/web/200...

The idea that Sadam Hussein was tied to 9/11 was a popular and understandable one in the shock after 9/11 given the broad policy of lies. Unfortunately, it had no validity. Sadam and his regime knew much, much better than to allow a fundamentalist, radical Muslim group access to any weapons or significant political power in Iraq, or to compete with them for funding. They relied far too much on channeling fanatical fear of others into their own political powers to allow any competitors for such faith or such desperate action.

Re:First Build Safeguards into the FBI

[Zontar+The+Mindless]

In the real world, you sometimes have to give things you don't want to give so that others might be inclined to return the favour.

Re: First Build Safeguards into the FBI

Criminal mass surveillance? Those programs were signed into law and had oversight of the executive and judicial branches of the government. In case you are doing the math that is 3 for 3.

People need to stop the shrill and look at the facts.

Re: First Build Safeguards into the FBI

[KenDiPietro]

The Bush Administration never said Iraq had anything to do with 9/11. That's a false narrative that was pushed by anti-war activists back in 2002.

You mean to tell me that more than two out of three Americans who believed that Saddam was behind 9/11 did so because anti-war activists back in 2002. pushed that line? That lie was still poisoning the discourse of one out of three American voters in 2007. Apparently, the drive by, liberal, mass media was involved on pushing this lie too. This lie was foisted upon the world by the Bush Administration. What bothers me most is that you (or the people who told you the lie you're repeating) know that this was not only a despicable lie but one that they felt needed to be countered or the lie you are regurgitating never would have seen the light of day.

Re: First Build Safeguards into the FBI

tell me good private citizen - how do ya like those interstate roads?

The government can do a lot of things that individual citizens cannot accomplish

Re: First Build Safeguards into the FBI

Inevitable? Sure, when you've trained the radicals in our defense intelligence schools, gotten their travel papers, closed down any investigation targeting them, and prosecuted whistle blowers on all that too, or anyone who made heated remarks about the loyalty of top officials. It wasn't inevitable, the people have enemies at the top.

Re: First Build Safeguards into the FBI

[KenDiPietro]

Their argument was never that Iraq was behind 9/11, it was always that the devastation of 9/11 proves we cannot wait until after an attack and treat it like a law enforcement measure because the risk to innocent human life was now too large.

As quoted from here:

"In his prime-time press conference last week, which focused almost solely on Iraq, President Bush mentioned Sept. 11 eight times. He referred to Saddam Hussein many more times than that, often in the same breath with Sept. 11."

"Bush never pinned blame for the attacks directly on the Iraqi president. Still, the overall effect was to reinforce an impression that persists among much of the American public: that the Iraqi dictator did play a direct role in the attacks. A New York Times/CBS poll this week shows that 45 percent of Americans believe Mr. Hussein was "personally involved" in Sept. 11, about the same figure as a month ago."

"Sources knowledgeable about US intelligence say there is no evidence that Hussein played a role in the Sept. 11 attacks, nor that he has been or is currently aiding Al Qaeda. Yet the White House appears to be encouraging this false impression, as it seeks to maintain American support for a possible war against Iraq and demonstrate seriousness of purpose to Hussein's regime."

If we are to accept your reasoning, then we have to admit that the Bush Administration was inept, at the very least. But, in reality, it wasn't the president alone who made these repeated references, it was the entire administration. Then we have that ugly Powell appearance with the vial full of white powder not to mention that wonderful "artist's rendition" of the terrorist headquarters known as Tora Bora - which never existed.

When taken as a whole, we find that no other answer can be arrived at other than this was a deliberate, false dialog meant to confuse the American people and did so successfully.

The problem is what we are seeing is a need to create a false narrative which proves those who originally created these lies know that they have been pegged as liars. Does it bother you that you are one of those people spreading a false narrative designed to cover the deceit which caused tens of thousands of Iraqis to be killed with a likely hundred thousand or so maimed? Can't you understand that it was those actions which you are trying to hide that led to us having to deal with ISIS?

Either way, what you need to know is that you are the problem, not part of the solution.

Re:First Build Safeguards into the FBI

What made 9/11 inevitable was us giving religious radicals weapons so they would fuck with Russia.

That would be like someone here giving the westboro baptists weapons and pointing them at Muslims. Once they run out of Muslims, well they don't like you much either.

Re:First Build Safeguards into the FBI

[Immerman]

Well, not just that, but then continuing to fuck with (and over) the countries of those radicals we trained and supplied. Even (especially?) radicals know all about patriotism, and when your organization begins to crumble and implode from irrelevance, well what are you going to do to stay relevant and inspire new members to join? (and many other to donate - the number one priority of well-organized terrorist organizations is fundraising) You go poke the biggest, ugliest bear you can find - someone who's already shown a great willingness to indiscriminately murder women and children to keep it's enemies and puppets in line (that would be the US), and then when it bites back you sell yourself to donors and new recruits as the defender of the nation from the foreign invaders who have been fucking you over for the better part of a century. Sure, *you* know you're never going to "win the fight", but that's kind of the point. You don't want to win, that would put you right back at square one - you want to have a perpetual war that will inspire the populace to support you so that you can exercise more power at home.

Re: First Build Safeguards into the FBI

[Cederic]

People can build roads without needing a government to do it for them.

See also: Significant portions of human history.

Sorry but if you want to post contrary arguments do at least try and make them superficially credible.

Re: First Build Safeguards into the FBI

The Dulles Greenway section of Virginia Route 267 is a privately owned and developed toll road. Mind you its not a cheap toll road at a toll of around $5 or so. It's sure faster than the alternatives though.

Re: First Build Safeguards into the FBI

No this actually happened. It was such a big thing there is a FUCKING WIKIPEDIA page about it.

https://en.wikipedia.org/wiki/Saddam_Hussein_and_al-Qaeda_link_allegations

Re: First Build Safeguards into the FBI

What led to us having to deal with ISIS is that the present president of the United States created a power vacuum in Iraq. He also ineptly encouraged anti-al-Assad factions to believe that he would either stand by or perhaps even funnel money and intelligence to them, (which actually did happen to some extent.)
The facts are is that under Saddam Hussein it basically sucked to live in Iraq unless you were a member of a small minority of connected individuals. Under ISIS it sucks even more. There was a period between the fall of Hussein and the rise of ISIS where, depending upon who you were and exactly what part of Iraq you were in, that you were very much better off than before the U.S. intervened.
The problem is that once the U.S. invaded, a successful resolution to the situation would have required a mutil-decade commitment. Note that the U.S. still has forces in both Germany and Japan, which we invaded in 1944-45 some 70 years ago. Likewise South Korea, which we entered, with the UN forces some 60 years ago. Anyone with a smattering of historical knowledge should have realized an invasion of Iraq was committing the U.S. to keeping forces there until at least 2050. As long as the citizenry was on board with that, then considering the human rights abuses, probably use of chemical weapons, attempted attainment of biological weapons and Iraq's support of terrorism (not directly associated with 9/11) then intervention could, I believe, be morally defended.
However, since I don't believe that the citizenry was ok with a 50-60 year commitment in Iraq it was the wrong thing to do. I don't believe that the Bush administration either lied or were dishonest. I believe they were incompetently mistaken about the kind of commitment necessary to actually solve the problems of Iraq.

Re:First Build Safeguards into the FBI

[jedidiah]

911 was the product of lax security standards and compliant protocols based on "fighting the last war". It was a one trick pony that could only work once because passengers started immediately fighting back.

The only thing we needed to prevent 911 was El-Al type cabin security.

Everything else that's been done since has been nonsense, government power grabs, and security theater.

Re: First Build Safeguards into the FBI

[jedidiah]

For significant portions of human history, we didn't have useful roads. They were either crap or completely unprotected or both.

Even the pre-interstate transportation network required either direct government intervention or considerable government encouragement. Our rail network was basically built based on bribing would be Robber Barons.

Re:First Build Safeguards into the FBI

[UnderCoverPenguin]

and an adversarial relationship between bureaucrats and their legislative overseers.

We have an adversarial relationship between them. But, the legislative overseers are also under surveillance.

Remember, just because you aren't doing something wrong, doesn't mean there aren't enough people who won't like what you are doing to make life miserable for you when what you're doing is exposed.

Re:First Build Safeguards into the FBI

[UnderCoverPenguin]

You mean like putting the split in between the NSA and FBI? The one Bush removed? Removing that split allowed the "Parallel Construction" path

Supposedly, a DEA official told Reuters: "Parallel construction is a law enforcement technique we use every day. It's decades old, a bedrock concept."

Re: First Build Safeguards into the FBI

[sumdumass]

The Idea that Sadam Husein was tied to 9/11 is completely fabricated. They tried to tie him to Al Qaeda and as I previously said, the only connections to 9/11 was in how we treated threats after 9/11. Your link, as biased and opinionated as it is (of course it has to be because it is discussing other people's opinions), even supports that if you bothered to read it.

When we went to war in Iraq, there were known Al Qaeda and Taliban leadership officials in Iraq given safe harbor while being treated for injuries sustained in the battlefields of Afghanistan. We had reports from other countries of supposed connections to Al Qaeda that even the administration downplayed after they appeared to be bogus. We had Al Qaeda officials claiming there was a link that later turned out to be falsely given to avoid torture by the Egyptians. As far as your link is concerned, it only says that Al Qaeda and Iraq did not cooperate in any attack on the US but never says anything about their connections or connections in the future and Al Qaeda is not the only terrorist organization we needed to worry about. It was the War on Terror not was on Iraq.

You are correct in that Saddam and Al Qaeda likely would not have collaborated on anything. But that does nothing to negate the fact that Bush's primary claim on the war on terror wasn't Iraq being behind 9/11, it was that we have to preemptively end threats before they become 9/11 stile attacks and that we can no longer wait for it to happened before taking actions (which had primarily been the operational tactics previous to 9/11).

Re: First Build Safeguards into the FBI

[sumdumass]

f we are to accept your reasoning, then we have to admit that the Bush Administration was inept, at the very least. But, in reality, it wasn't the president alone who made these repeated references, it was the entire administration. Then we have that ugly Powell appearance with the vial full of white powder not to mention that wonderful "artist's rendition" of the terrorist headquarters known as Tora Bora - which never existed.

Or, we could have just gotten false information from people supposedly in the know.

http://www.nytimes.com/2005/12...

https://en.wikipedia.org/wiki/...

When taken as a whole, we find that no other answer can be arrived at other than this was a deliberate, false dialog meant to confuse the American people and did so successfully.

Nope. If you are only looking at half the facts, I can see how you would come to that conclusion. But I never made any claim to the validity of the prewar intelligence, just that Bush never made the claim that Iraq was involved in 9/11. So I don't really know why you are bringing it up. It doesn't refute my claim which you seemed to sidestep quite nicely.

The problem is what we are seeing is a need to create a false narrative which proves those who originally created these lies know that they have been pegged as liars. Does it bother you that you are one of those people spreading a false narrative designed to cover the deceit which caused tens of thousands of Iraqis to be killed with a likely hundred thousand or so maimed? Can't you understand that it was those actions which you are trying to hide that led to us having to deal with ISIS?

I should as much as ask you the same. I mean your position is only valid if you ignore quite a lot of reality which makes it not real at all. We had faulty intelligence reports, over stated reliability of these reports, and outright lies by captured Al Qaeda personnel. To say misinformed statements (which is what it really boils down to) is a lie while ignoring the lies that caused the misinformation itself is a lot dishonest to say the least. It is as if you have a narrative and damn anything getting in it's way. You are what you are claiming Bush and Co to be.

Either way, what you need to know is that you are the problem, not part of the solution.You should stand in front of a mirror while saying that. First, I never said we didn't get things wrong, I said that Bush's position was never that Iraq was connected to 9/11, his position was that we couldn't operate as usual after 9/11 because of the magnitude of it. You have offered nothing to discredit that and only started on tired old already discredited Bush Lied people Died propaganda that frankly does not pass the smell test in this day and age.

Re: First Build Safeguards into the FBI

[KenDiPietro]

Or, we could have just gotten false information from people supposedly in the know.

Which would ignore that entire department setup by Donald Rumsfeld known as the Office of Special Plans which according to The Guardian, "operated under the patronage of hardline conservatives in the top rungs of the administration, the Pentagon and at the White House, including Vice-President Dick Cheney."

The Guardian further adds, "Mr Tenet has officially taken responsibility for the president's unsubstantiated claim in January that Saddam Hussein's regime had been trying to buy uranium in Africa, but he also said his agency was under pressure to justify a war that the administration had already decided on."

Nope. If you are only looking at half the facts, I can see how you would come to that conclusion. But I never made any claim to the validity of the prewar intelligence, just that Bush never made the claim that Iraq was involved in 9/11.

Are you honestly trying to suggest that two thirds of the American public misunderstood the President, Vice President, as well as Condoleezza Rice? Seriously?

So I don't really know why you are bringing it up. It doesn't refute my claim which you seemed to sidestep quite nicely.

Can you explain why during testimony in a lawsuit brought on behalf of the estates of 9/11 victims, George Eric Smith, a senior business analyst for Sun Gard Asset Management, and Timothy Soulas, a senior managing director and partner at Cantor Fitzgerald Securities, why former CIA Director, R James Woolsey, at that time a member of the administration's Defense Policy Board, Colin Powell and George Tenet all swore under oath that a "conclusive link" between Saddam and 9/11 existed? It seems strange that these members of the Bush Administration would swear under oath that they believed such a thing if they never thought it was true.

I mean your position is only valid if you ignore quite a lot of reality which makes it not real at all. We had faulty intelligence reports, over stated reliability of these reports, and outright lies by captured Al Qaeda personnel.

So, we're going to go with the Bush Administration was inept as a defense? I can agree that looking back in hindsight that is likely to be the case. But then we have that nagging issue of all the times multiple members of the Bush Administration mentioned Saddam and 9/11 in the same sentence.

To say misinformed statements (which is what it really boils down to) is a lie while ignoring the lies that caused the misinformation itself is a lot dishonest to say the least. It is as if you have a narrative and damn anything getting in it's way. You are what you are claiming Bush and Co to be.

Bullshit.

What I keep hearing out of you is that somehow, as if by magic, the overwhelming majority of the American public just woke up one morning and decided that Saddam was involved in 9/11 but that all the times the Bush Administration mentioned this had nothing at all to do with that.

You apparently are here to tell all of these Americans that they are idiots and nothing the Bush Administration did in any way was responsible for this error. Sure, let's go with that.

First, I never said we didn't get things wrong...

Indeed.

I said that Bush's position was never that Iraq was connected to 9/11, his position was that we couldn't operate as usual after 9/11 because of the magnitude of it.

So, when "President Bush, Vice President Cheney and other top administration officials have often asserted that there were extensive ties between Hussein's government and Osama bin Laden's terrorist network; earlier thi

Re:First Build Safeguards into the FBI

That's the way blowjobs work.

Re: First Build Safeguards into the FBI

Once again, sumdumass proves the accuracy of his username.

key escrow

[Orgasmatron]

Maybe we could call this new scheme "key escrow". That way we can run our side of the debate just by recycling posts from ~20 years ago.

Re:key escrow

They could make it even simpler by having some sort of chip that device makers can install right into their products. Why hasn't anyone thought of this before?

Re:key escrow

[Strangely+Familiar]

A chip that could clip through the encryption? Someone should invent it! But what to call it???

Re:key escrow

[cfalcon]

Call it what it is- you get a slave key, the government gets a master key.

Re:key escrow

The new kind of slavery: The FBI?

Re:key escrow

Link for the youngsters.

So Comcast is now a government agency?

[sethstorm]

Comcast:

It's not a "cap", it's a "usage plan"

If Comcast were a Swiss insurance agency:

Don't think of it as "exclusive", think of it as a "custom experience".

If Comcast was the FBI:

It's not a backdoor, it's [redacted].

Re:So Comcast is now a government agency?

[mjwx]

If Comcast was the FBI:

It's not a backdoor, it's [redacted].

Unlock the power of rebranding... Call it a FREEDOM portal.

some other suggestions

[NostalgiaForInfinity]

So, the FBI doesn't want to call these things "backdoors". OK, let's come up with some alternatives:

The FBI wants to install security barndoors in your software.

The FBI wants to create festering security wounds in your software.

The FBI wants to buttf*ck your software.

Which of those other euphemisms would you prefer, Mr. Comey?

Re:some other suggestions

[SuricouRaven]

This is a government policy, remember. From the organisation that brought you the "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act."

I suggest "Secure Homeland Intel Transferal holes."
Or possibly "Freedom holes."

Re:some other suggestions

[NormalVisual]

Well, it's more important for legislation to have a snappy name than it is for it to actually be beneficial to the public. Geez, don't you get that?!

Re:some other suggestions

[nctritech]

I'd +5 Funny that for the "freedom holes" alone. That's a damn good one.

Re:some other suggestions

Backdoors? They prefer to call it "Windows 10".

Re:some other suggestions

Glory Holes?

Just claim they're profiling you

and their budget will get cut. That's what happened to the team who was investigating the San Bern shooter 3 years ago.

no mad max

[iggymanz]

typewriters are still made and sold; ribbons are made and still sold

Re:no mad max

[fustakrakich]

The government will just make you 'retain' your old ribbons...

Re:no mad max

[iggymanz]

that works on the plastic kind that get cut and stuck to paper, but use the old-school inked cloth ribbon, get it re-inked regularly (or do it yourself) and you're golden

Re:no mad max

[Bing+Tsher+E]

In the Soviet Union typewriters were restricted and registered.

Re:no mad max

[iggymanz]

also copy machines and printing presses. reference prints of every machine were organized and kept on file to identity any printed matter.

Re:no mad max

[SuricouRaven]

Color copiers and laser printers embed a steganographic code into every printed page too - if you know how to read the pattern of very pale yellow dots, you can determine the printer's serial number. It's an anti-counterfeiting measure. Inkjets usually don't do it because no-one is going to mistake inkjet-printed currency for the real thing.

Hire a more tech Savy Director

In all aspects of todays world, if you are not the least bit tech savy... you are incompetent.

Great news for free software and work locations

[iamacat]

Remember how, back in the days, we used to download PGP from Finland because of US export restrictions? These days are coming again, with resulting renewed public interest in free software and sideloading apps outside the walled garden. As well, it's a chance for a developing country to establish an alternative Silicon Valley exporting truly secure software, even PC and mobile operating systems, worldwide. Hopefully I can move there and live like a king.

Re:Great news for free software and work locations

[Burz]

Nowadays people are turning to apps like Signal and RetroShare. Another interesting option is Ostel. For browsing and other PC apps, running Tor on Whonix fits the bill.

Re:Great news for free software and work locations

And the rest of the world is laughing because the US is crippling itself again... We do feel sorry for the individuals.

Fruit of the poison tree

[emil]

Convey to us that those who gather intelligence will respect the doctrine of the fruit of the poison tree, and refrain from using tainted evidence in building criminal cases against citizens outside of dire threats. https://en.m.wikipedia.org/wik...

Cliched, but fitting

[istartedi]

A lot of people rush to Orwell references, but this seems like a genuine attempt at Newspeak to me.

Just tell them to fuck off.

Despite what most people think, it's perfectly legal to tell law enforcement to fuck off and take it with my lobbyist.

But Jim you're giving away our best tricks

Mr Potato Head, MR POTATO HEAD
Back doors are not secrets!

FTFY

[whoever57]

by selling only communications gear that enables law enforcement and foreign governments to access communications in unencrypted form,

FTFY

Re:FTFY

[Anomalyst]

by selling only communications gear that enables law enforcement , foreign governments and criminals who have a linchpin's dirty little secret to access communications in unencrypted form,

FTFY

Goodbye US business overseas

Thanks for desperately trying to kill off what little US business still exists overseas.

The funny thing is...

He speaks like this is a fait accompli. Without any legislation that requires them to do so, no sane tech company is going to change their products in a manner which makes consumers any less likely to buy them

Re:The funny thing is...

[camperdave]

Just because they have capitulated and installed this "feature" doesn't mean they are going to advertise the fact to consumers. In fact, it would not surprise me if they were legally unable to divulge the existence of such features.

Re:The funny thing is...

Their competitors wouldn't be under that obligation. Nor would researchers from overseas.

You would hear about it on the interwebs, probably even here.

The ridiculousness is appaling

[nashv]

It's come to this now? The US agencies don't even pretend to respect the rights to privacy and freedom of expression. They are now openly asking for Orwelian features in products produced by private companies?

Are American citizens so lost that they do not see how ridiculous that sounds ? They might as well just as every citizen to spend a mandatory year in prison ...just in case they get incarcerated later in life.

Re:The ridiculousness is appaling

[WaffleMonster]

Are American citizens so lost that they do not see how ridiculous that sounds ?

24x7 media propaganda works. People are scared out their minds.

Re:The ridiculousness is appaling

Most Americans are too busy working or watching Netflix to pay attention let alone care.

Re:The ridiculousness is appaling

[SEE]

It's come to this now?

"Now"?

The agencies persistently pester for it. They were asking for it twenty years ago; they'll still be asking in another twenty years.

Re:The ridiculousness is appaling

YES, Americans are fucking stupid sheeple.

French Route

So the FBI wants to take the French route? Breakable GSM, LTE, 3G and such, with key limits? In the news near future: "All US business secrets were stolen today with the help of carefully planted briefcases along all city centers, everywhere. Yes, everywhere. And onward to the weather! Stacy, are you being listened to enough?"

Fundamentally its Admitting Failure and Laziness

Rather than "Solving" the problem, they would rather change the Debate to "argue" they are not at Fault for Not solving the problem.

Performance Review: FBI (negative zero)

Ther are much more product ways of conducting surveying a crime scene than "Prospecting on the Possibility that some [Smart Person] but not Us, will find a way of making sense of all this data = Fail"

And Excuse is an Excuse is an Excuse.. this is ridiculous

The FBI has not thought it out

[yacc143]

So considering that that the us government uses nowadays mammy commercial products of the shelf itself;
Considering that other governments control access to potentially as big or bigger markets than the US one ->

Are they happy with the Chinese/Russians also reading the communications of the US government?

And they are using commercial regular stuff. By design (to save money and make certain projects even feasible) or mistake (do I need to say Clinton ' email).

Also consider that practically all the hardware for these new communications is produced outside the states. Where other governments can insist on back doors (when it quacks ... call it by it's proper name).

E.g. the German privacy watchdog has currently issued a ruling that Google Mail is a communication service and needs to provide "an automatic interface for lawful interception". If the courts let that stand (something quite realistic) and Google not being able to prove to legal standards if an account is "German", that might mean that they'll need to allow to intercept traffic on all accounts.

Great that the FBI gives governments the inspiration to what they should require from companies (including US ones).

Re: The FBI has not thought it out

Maybe a Chinese company could contract with their government for support, serving US consumers to spy on the US government. Cooperation like this may be the only way for US citizens to know what their government is doing and get acccountability. Bonus points if the info is extracted through US government mandated backdoors.

What Terminology Would You Prefer

[Greyfox]

How's "Freedom Anuses" grab you? Honestly, if it hadn't been for the Government's meddling in the 90's, all traffic on the Internet would be encrypted by now and the whole place would be much more secure. Near as I can tell, you still can't integrate PGP into a E-Mail client without the government trying to fuck you in the ass. I mean backdoor, er... freedom anus!

Re:What Terminology Would You Prefer

[KGIII]

Just click and install Enigmail. It's not PGP but it is GPG and I don't recall needing the government's permission to make use of it. They do (if they want) have my public key files available but that's not a problem - they're the public keys and they're allowed to have them. I can, if I want, opt to transfer the key to someone via any number of different routes and not have a public key store.

But no, not all traffic needs to be encrypted (for starters) and no government cared one iota that I opted to use encryption on the email that I sent out just a few hours ago. They didn't even offer to fuck me in the ass.

Why is it supposed to be easy?

Investigating personal behavior should be difficult. If that means I live in a more dangerous world, so be it. Terrorism doesn't terrify me.

Re:Why is it supposed to be easy?

You really think your opinion matters, do you?

That aside

[Sycraft-fu]

How do you prevent criminals et al from using it? The problem with back doors is there really isn't any way I know of to make them secure. You can't make encryption where you don't need the key to decrypt it, yet it still is secure. The back door can be obfuscated or the like, but if someone finds it then it is game over.

So even if we decide we trust the government and they have good oversight and all that, it is still leaving things open to other parties. Good encryption keeps everyone else out, that is just how it works and how it has to work.

Re:That aside

Hypocrisy at its best

The head of the FBI wants to see Snowden put to death for handing over only some of our classified (illegally classified, but still) documents to the world.
While at the same time he wants to hand over ALL of our classified and unclassified communications to the entire world.

I say he should put his money where his mouth is and be forced to live in Russia with a US imposed death sentence over his head - exactly as he has called for.

Re:That aside

[Zontar+The+Mindless]

All you need is to look at what happened with those TSA master keys for your luggage.

Not going to post the link again because I've already done so twice in the last few days and I'm not looking to be a karma whore, but just search for something along the lines of "TSA Keys Schneier Security" and you'll find the story quickly enough.

Re:That aside

[dgatwood]

How do you prevent criminals et al from using it?

Well, it is possible, but it requires making it hard enough to use that the government won't want to bother with it. For example, the company could place a private key in an escrow service offshore, destroy their only copy, and provide the public key to every device. The device could then encrypt a copy of its private key using the company's public key, which the company could print out on paper and store in boxes organized by date. If the government wanted a copy, they would have to provide the device ID, which the company would look up in a database. The company would then require a government official to be physically present while they go to the room, unlock the box, obtain the correct encrypted private key, carry it out of the locked room, send it overseas to be decrypted, receive the result, and deliver the key to the government.

In other words, make it so that the government would need to have probable cause, a proper search warrant for the device, and a few thousand dollars per key to cover the company's retrieval costs, plus a sizable bit of padding to defray the company's storage costs.

Things Criminals Dislike

Door Locks, Curtains, Safes, Encryption, Sealed Envelopes...
hmmmm....

Well [redacted]

Well, I have to admit that [redacted] is a good name for it.

I mean, when they [redacted] me, I definitely feel like they really [redacted] me in the [redacted]. So it's very accurate!

Re:Well [redacted]

[U2xhc2hkb3QgU3Vja3M]

Might as well call it a "smurf".

What's really dumb...

What's really completely ignorant of Mr. Comey is to think that if the companies making the phones stop encrypting the devices that we as individuals won't if the device doesn't by default. Is he really so full of himself that he doesn't think that we'll just encrypt it anyway?!?! Seriously, how ignorant is this man? If Apple stopped supporting encryption in iOS I'd jailbreak the sucker in a second and install encryption. If Google stopped using encryption in Android, I'd root the sucker and install encryption. Apple and Google are merely saving us the trouble of doing it ourselves. FUCK OFF!

How does this work internationally?

So let's just talk data at rest on an iphone.. Apple builds a backdoor so the USA government can access all data if they physically possess the device.. Does his only impact phones sold in America?

Now for every country they are in market do they need different hardware or software.. I'm sure we can't have one master backdoor for all governments globally because no one trusts each other..

Re: How does this work internationally?

Think about this another way, Apple sells phones in countries that require access by the government. I.e. Russia China India and on and on. It's already know that they hold the private keys for all of their services, iMessage FaceTime, iCloud and maybe the phones too since unless you jailbreak, where is the encryption key stored on the ssd for the tpm module to access

James Comey should resign if he can't do his job

Encryption is protected speech. If you are unwilling to accept this resign and make way for someone who respects the constitution.

UK Parliament uses NSA friendly cloud

Britain's Parliament switched to Office 365, Microsoft's Cloud servers. Microsoft made a pretense of storing the data in Ireland (but of course the NSA was given a tap into it, just as they were given a PRISM tap into all of Microsoft's other services *worldwide*).

http://www.computerweekly.com/news/2240230372/Hague-reassures-MPs-on-Office-365-data-storage-as-Microsoft-ordered-to-hand-over-email-data

So now when members of Parliament draft laws that the US doesn't like, they can head it off, or undermine the politicians concerned. BEFORE the document even leaves the desk of the politicians!

GCHQ meanwhile, whose job it is to secure British Communications, signed off on this. Well at least the traitors in the agency did.

Re:UK Parliament uses NSA friendly cloud

[slacklinejoe]

The whole Ireland stuff is still stuck in appeals. The Gov asked for the data, Microsoft took it to the courts - to my knowledge nothing was handed over yet. That's what lead to them expanding their content storage in Germany as they had more legal support for taking it there. The NSA demands stuff all the time - doesn't mean it's always handed over. Besides, if you are worried about security O365 and Azure support Bring Your Own Key encryption. That's relatively standard stuff now days with Azure Government tenants - granted, I've only done this for US customers, cannot speak for the UK. Regarding move to Germany, that's all scuttlebutt - but it's scuttlebutt from my local Microsoft Data Center folks over beers.

The Internet will need to change

If the FBI wins the Internet would 'need' to change it's business model â" by selling absolutely nothing because purchases would be even more insecure, another way the Internet would need to change is no confidential financial or work information could be shared on the Internet, also people should just accept that they won't have any security or privacy from anyone else on the Internet.

Re:The Internet will need to change

And the guys who run the FBI won't care because he doesn't use electronics, because he is over 80 years old.

Just call it what it is.

[Z00L00K]

Just call a hammer a hammer and a backdoor a backdoor.

Today I'd worry more about shortcomings in security on Chinese-made devices, but with the FBI involved it's going to be additional holes.

Meanwhile the terrorists just go on with their own ways of information exchange. It's also a huge information flood to sift through making it hard for authorities to ever figure out if something is serious or not. Even if they know they may not take action to avoid revealing their sources. Like the shootings in Paris - did someone know but considered that it was better to make it hapen because then their agency would profit? Same with the WTC attack in 2001. It's standard operating procedure in intelligence to not reveal how they work at The cost of lives.

If an intelligence agency did act upon every suspect message then the western world would be severely disrupted. Imagine the effect of a standstill on every case when "bomb has been planted" in Call of Duty or whatever game it's used has been sent. It's hard for algorithms to realize that it's a game since the context is also needed.

Dear FBI Director James Comey

Would you kindly go fuck yourself. Here, use this dildo. I understand it's made from a mold of Lexington Steele's dick.

You can call it something other than anal reaming if doesn't sit right with you. You'll also want some of that vaseline over there (or maybe you won't, I honestly don't know what you had to do with your asshole to get the job of FBI Director.)

Here it is

... selling only communications gear that enables law enforcement ..

Yep, tech companies have to do the government's job for them. Didn't Ms Clinton have an identical whinge last week? Someone's pumping a "It's all the tech companies' fault" meme into news channel, repeatedly. Unfortunately, this fits the dream of corporate welfare and fascism, I mean 'small government' and 'privatize everything' fanatics. Maybe the NSA should be privatized; that would bring many intelligence activities into public view.

HOAs (was Re:First Build Safeguards into the FBI)

If you actually read the governing documents of most HOA's you'll find that many owner members don't like their HOAs because they did didn't read those documents and listened their real estate agent's rosy tales that convinced them to buy.

HOAs are corporations. The member owners are shareholders. How often do the shareholders love what their corporation does? Except for making profits, increasing the stock value or paying out dividends.

Now add the fact that HOAs are corporations that are not allowed to make a profit or pay a dividend and have only a little control over the market value of member properties and you've removed the primary reasons most shareholder's like any corporation they've invested in.

 

When crypto is outlawed...

[L.+J.+Beauregard]

When crypto is outlawed, only outlaws will have crypto.

Crypto doesn't kill, people kill.

You can have my crypto when you pry it from my cold, dead fingers.

American companies

[mwvdlee]

He also says tech companies should just accept that they would be selling less secure products.

LMFTFY

He also says American tech companies should just accept that they would be selling less desirable products than their non-American competitors.

Re:American companies

[sconeu]

He also says tech companies should just accept that they would be selling less secure products.

Federal Agencies should just accept that they are supposed to be bound by the US Constitution.

Re:American companies

[mwvdlee]

Federal Agencies should just accept that they are supposed to be bound by the US Constitution.

Federal Agencies accept that they are supposed to be bound by the US Constitution the same way whores accept they are supposed to decent.

Re:American companies

[cbhacking]

Yep. First thing I thought when I saw that line. I'm not generally a fan of the degree of influence businesses can impose on the government, but if it takes the united front of everything from Apple down to (relatively tiny) Mozilla to stop this bullshit, I'll take it. The NSA has already cost American corporations significantly, both in lost sales and in needing to defend themselves against their own government (which, in fairness, isn't that different from the defending against foreign governments that they probably should have been doing anyhow). Throw the FBI in the ring too, and "Made in USA" software is going to become untouchable, anathema to all the rest of the world's businesses.

Re:American companies

[Opportunist]

Oh, that can be made worse. US companies could be forced to buy those products for security relevant applications, pretty much opening any and all trade secrets to anyone willing to bribe whoever has the key.

a problem is an opportunity

[Max_W]

Dumbed down software and hardware produced in the USA with official back-doors (unofficial ones seems to be already in existence) would give a chance to producers from other countries. The same as happened with bureaucratic limitations on civil commercial UAV usage in the USA.

One of the leaders in civil UAV is the DJI, and it is not an US company.

that's ok

[Tom]

We'll just be going back to using strong crypto from outside the USA, like we did for most of Internets history.

Re:that's ok

Exactly what I'd recommend, and just natural for such a low ID to remember what the Internet was before gmail, facecrap and all the shit everyone feels entitled to today. Learn to use encryption. If companies protect your rights, all the better, but be prepared.

In other news, the USA lost Safe Port status in a recent ruling of the superior court of justice in the EU. The USA looks more and more like a relatively rich banana republic, something like the UAE, teeming with hipocrisy and corruption.

In the 90s a man had only one computer, and all his data was located under his roof. Now it's easier than ever to pay for cheap TOR relays set up by oneself, with a little studying it's easy to become undetectable. The IoT will contribute to the situation even more. Who can tell if the thermostat in, say, a gym two blocks away, is your personal drop box when port knocking in the correct secuence? Who can account for every byte of RAM in every MCU connected to the Internet? Pirating movies and moving Gigabytes must be done in the open, it can still be encrypted but the metadata is impossible to hide, but a secret message can be orders of magnitude smaller.

Re:that's ok

[Tom]

Right on most, wrong on one account: We don't try to hide small data.

I have a music collection that I'd hate to lose in part because some of it I probably couldn't find again. I have GB of personal data, images, 3D models, software, texts. Add personal photographs and videos and we're not talking about data that you can hide on a thermostat any more, unless your thermostat has a hundred or so GB of storage space for some very strange reason.

This will continue

[cfalcon]

This will continue nearly indefinitely. The game plan would be something like- first pass laws to prevent it from happening in the US, which will include free and open source software, second talk easily persuaded nations into the same thing, third use trade tactics and even threats to push down the "terrorism supporting" nations.

Encryption is speech. Any of these attempts are flatly unconstitutional.

Dear USA

You are only 4% of the worlds population.
You are only 1 of 194 countries.

If YOUR government demands backdoors, the governments of the rest of the world will either
a) Demand the same rights, the same back doors.
b) Stop trusting any IT/Comms from the USA

Re:Dear USA

The way things are going, the a) option is the likely one. There will be some posturing, huffing and puffing and empty gestures, but in the end EVERY country wants to keep its citizens under surveillance, and worldwide might makes right. Full transparency for the citizen and complete unaccountability for the authorities are going to be the norm. There's nothing we can do. Privacy was merely a consequence of technological limitations, it was simply unfeasible and uneconomical to spy on everybody all the time. No longer the case now. The Surveillance Age is here: embrace it.

Re:Dear USA

Except this is not about keeping citizens under surveillance. It's about industrial espionage. How many terrorist attacks have been prevented so far through this 'mass surveillance' programs? ZERO!

Re:Dear USA

[Opportunist]

Demand? Why bother?

If there is a backdoor, someone has to have the key to it. We're not talking about script kiddies and Anonymous wanting this access. We would have nation states and international corporations wanting this access. It's not Joe Randomhacker in his basement. It's Iran, China, Boeing and various corporations that would try to gain access. They don't hack it. They find someone to drop a few millions on to hand over the key.

You think that would be hard? Finding an underpaid government official willing to aid a "friendly" corporation for a few bags of money?

Re:Dear USA

So what? You can repeat it until your vocal chords fall out. It's not going to change anything. ALL governments have the Transparent Citizen in their agenda and NONE will give up on it. Ever. As for industrial espionage, with TTIP et al it's going to be a thing of the past: the megacorps will carve up the planet and its populace and do as they please. There is no way to stop them. It's a done deal. Accept it and console yourself by knowing that there has never been anything you or anyone else could have done about it.

Re:Dear USA

[Antique+Geekmeister]

> It's not Joe Randomhacker in his basement.

Until Joe Randomhacker steals it from poorly secured governmental resources. The same problem is built into the digatal rights management system called "Trusted Computing". The "Trusted Comting" key escrow, which basically puts private keys for software and hardware based encryption and access control in an screw repository held by Microsoft. The system has somewhat languished since it was discovered that one could virtualize the required hardware component, allowing parallel access on multiple virtual machines to the same data.

Doors "Back Door Man"

https://www.youtube.com/watch?v=OJ4xsxQSarc

FBI fantasies are just as bad as TSA fantasies

Backdoors to ALL encryption cannot be done. Suppose I want to send a completely encrypted message to you and that realizing the transport available is compromised we've arranged an encryption technique of our own ahead of time. Here is your copy of this obscure book. It's the same edition and printing. For each word in my message I will send three numbers, page, line, word. If needed there is an escape into literals by sending three spaces in a row. Then the first letter of the word is used.

You and I have the book. Many others may have it or may have had it and threw it away. But will the interceptors have it? Will they be able to figure it out? Will the FBI charade be any more effective than the TSA charade?

{^_^}

Re: FBI fantasies are just as bad as TSA fantasies

No forward secrecy in your method

Dear James Comey

You and your think alikes will be the death of American IT companies. Less and less people are willing to trust US-based hardware and software manufacturers.

Re:Dear James Comey

[Opportunist]

Pretty much this. If I have to assume that any service I host in the US is backdoored (and frankly, there is no such thing as a "government only" back door. Money will open this backdoor to anyone willing to pay), I cannot host any sensitive information in the US. I cannot use any software from a company based in the US that I cannot audit thoroughly (read: is OSS) for any security related application if I have to pretty much expect that there is a way for anyone able to spend the time or money to gain access to a mandatorily existing backdoor.

Fuck, even hard- and software from China would be more trustworthy.

Re:Dear James Comey

Exactly, it's more about industrial espionage than anything else.

Companies aiding and abetting terrorrism

I hold the view that any company that aids or helps one or a group of nation states in cyber warfare, conventional warfare, torture, oppression, insurgency, murder, and destruction of property, to be members of a terrorist organization.

Countries that occasionally dabble with terrorism are: USA, UK and Norway (invasion and attack on Libya, willfully lending war material for attack/occupation of Iraq), and probably other countries as well.

...and guns?

[Mirar]

Would they also like to force everyone to buy guns that can only shoot blank ammunition?

I'd like to see that debate.

Re:...and guns?

[cfalcon]

> Would they also like to force everyone to buy guns that can only shoot blank ammunition?

Probably. This is a sustained fight to eliminate the bill of rights in practice and adopt a European-style set of laws that can be changed by the legislative branch at any time- if they are willing to openly declare war on the first and fourth amendments, and install their agents in your firmware (which is arguably in violation of the third), why would the second amendment be any more sacred to them to the rest of that inconvenient bill of rights?

Don't call them "backdoors"

[Opportunist]

No problem, folks. We've been calling you "assholes" for a while now already.

Re:Don't call them "backdoors"

Which they can appreciate since it makes it easier to overlook that they are actually an organized crime syndicate robbing the tax payers for unconstitutional purposes. If they were merely assholes, they would still do their job rather than dismantle the U.S.A.

Re:Don't call them "backdoors"

I recommend we call them "keys under the welcome mat". That way even the technically uninformed or disinterested can really understand what the FBI and indeed all Three Letter Agencies want. They want a key under the welcome mat. Which no one but the homeowner or law enforcement will use, the FBI pinky swears it!

If they sell less secure applications,

Or build less secure devices,
I won't buy it.

If they build it,
I won't come.

One-time pads

It's funny, because no-laws can ever stop the terrorists/pedophiles/scumbags/copyright infringers from using something like a simple one-time pad for communication. It'll take a little while to do it by hand, but once done it's fairly hard to intercept the data. Unless you have a warrant and can get hold of the keys. That's ok - if a court issues a warrant about my data then I'll happily hand it over anyway.

Don't call them "backdoors"

Come on USA, shut up, bend over and take it in your arse (aka backdoor) - you know you like it. Meanwhile, we in the free world will just look askance at your fetishes, and get our products from those that actually understand security.

The rest of the world is worse...

[clay_buster]

And the rest of the world is laughing because the US is crippling itself again...

Re:The rest of the world is worse...

Laughing ? we are cying because via our collabarator poodles of politicians you will force this shit on us through 'trade agreements and harmonisation'.

Sure.. Go ahead

As long as the fbi address that every time a credit card, identity, bank account, baby cam, web server, email account,
  home pc is compromised anywhere in the world that they will compensate the victim then goo for it.

Bigbrotherization.

Wasn't it ridiculous when you thought about TVs which could also watch you while you watched them? Well, we got smart TVs, now.

And cell phones for tracking.

The way things go every device will need a FBI/NSA registration in the future.

Good thing we still can go to the toilet without being watched, though, yes, some people are extremely oblivious to that and take their phones with them all the time...

Whats the point?

[balajeerc]

Even if I do sign an EULA saying that I allow [Microsoft/Yahoo/Apple/Google] to provide my correspondence to the FBI, what prevents the bad guy from encrypting his message using a 4096 bit PGP encrypted string and THEN using steganography to hide it in image data and sending that image out to his compatriots? Are you also going to make it illegal for the user to just use a complicated math calculation? Even if you do, how are you going to detect a violation of that? This entire witch hunt on encryption by the enforcement agencies boggles my mind.

Re:Whats the point?

sad you are only modded 3 a couple days after the fact at the bottom 15% of the comments. Because the idea of layering encryption I thought was brilliantly and humbly admitted in some leaked presidential memo a few months back. The one with 3 or 4 implementation alternatives to 'the backdoor plan/idea'. One of them was split keys with escrow, another was a literal extra physical port on the device. But the document found it's sanity by stating at the end that it was pretty much all bullshit because at the end of the day, any terrorist of significant enough scale could easily enough defeat it like you said by layering PGP 4096 (to the extent magical classified quantum computers cant yet defeat that), or more simply, the mathematically quite simple application of a perhaps pencil and paper based OTP. But here we are, with all this fucking hot air in this debate, that dances around that elephant that Obama finally addressed. Perhaps the FBI just didn't get that memo.

Re: HOAs (was Re:First Build Safeguards into the F

I would never consider buying a home in a neighborhood without an HOA. Yards must be mowed, trash and trashcans hidden from site, prevents people from painting their houses hot pink and purple, no cars parked on the street, cars not blocking sidewalks, trees are planted and landscaping kept up, no backyard mechanics running a business from their house, no multifamily homes, limited number of dogs (no home kernels), et, etc.

In essence, HOAs prevent the "neighbors from hell": whatever it is you do on your property can not affect the value of my property.

If you are the neighbor from hell, you can't live in my neighborhood unless you change your ways.

Let's call spade a spade

You just don't call rape rape, call it less than consensual intercourse.

Waaaaaaaaaah!

[JustAnotherOldGuy]

Don't call our "back doors" by the evil name of "back doors"!!

Call them "Butthole Access Portals" or "Freedom Shafts", but not "back doors"!

Criminals LOVE Him

Dear Mr James Comey,

Thanks for the backdoors!

Sincerely,
Every Criminal Organization Ever

Perhaps the G man should just accept

he has to do his job properly

WHY would the "terrorists" use the crippled stuff?

If they're so worried about criminal and terrorists being smart enough to encrypt, do they really think that those folks are going to upgrade to more insecure versions? It's not like they can force upgrades.

They're not stupid. It's obvious that this has nothing to do with hunting existing or future terrorists. Encryption isn't a thing you can disable easy access to.

You people just don't understand.

We NEED the government to be able to spy on us to protect us from all the people who are pissed off because of the stuff our government does.

Flying pink unicorns

Insisting on backdoors in software encryption is believing in a flying pink unicorn that farts butterflies and rainbows. It'is impossible to deny secure encryption by anyone not terminally stupid - such as politicians and heads of three-letter agencies.

Encryption requires the message sender and receiver privately share a key to decode a message.

AES, RSA, et al, only bring the ability to make the key very small compared to the message. If the key can be the size of the message, the classic spy "one-time pad" is unbreakable and trivial to construct/ use. We are in the age of very cheap, very tiny, storage. (As I write this, on my desk is a 32 GB USB stick that sits on my thumbnail.) Securely moving gigs of a one time pad is no more difficult than securely moving a 256 or 512 bit key. It's trivial to write the encode/decode software, anyone* can do it - all one need do to either code or decode is to XOR the message bitstream with the one-time pad (key) bitstream. The one-time pad need only be high entropy (random numbers work great) for such encryption to be unbreakable.

*short of politicians and bureaucrats...

Re: HOAs (was Re:First Build Safeguards into the F

Yards must be mowed, trash

Why, if it is during a drought it is better if you let it grow longer.

and trashcans hidden from site,

How does this affect you?

prevents people from painting their houses hot pink and purple,

Why do you care again?

no cars parked on the street

Holy Fuck why does this bother you?!?!

, cars not blocking sidewalks

Ok at least this one is annoying.

, trees are planted and landscaping kept up,

Now you are demanding they turn their yard into a park?

no backyard mechanics running a business from their house,

Umm I fix my own cars and the cars of friends and family. Why does this bother you? I am clean it isnt very often and it saves me money, maybe I will plant a tree with that saved money, just for you.

no multifamily homes,

How does this affect you? You just hate college students who split rent with roommates.

limited number of dogs (no home kernels),

I can see not wanting the neighbor to have ten, but if they dont bark and their shit is cleaned up. How does this affect you.

All I see you as is a whiny bitch. I bet people light bags of shit on your doorstep dont they.

Re: HOAs (was Re:First Build Safeguards into the F

[laurencetux]

the problem is a HOA very quickly goes National Socialist

Grass must be green and no longer than 1.752 inches at all times
All Houses must use paints from this list of suppliers (purchase list for 19.95 from Betty)

ect

Re: HOAs (was Re:First Build Safeguards into the F

[Immerman]

Not the AC, but I've got to say that while there are a couple of your points I agree with (you want me to turn my beautiful healthy lawn into a short-cropped wasteland because you have no idea what healthy grass looks like? F that.), Do you really not see why people would object to their neighbor turning their property into an eyesore? I have to look at that pink shit every day, and it lowers my property value by association. I agree that any reasonable person should be able to work on their own car at home, and occasionally a friends. But I would go so far as to say there has never in the history of the world been a group of 10 dogs (rarely even 3) that don't bark constantly. Barking is what dogs do - it's what WE remade them to do - to act as early-warning systems to compensate for our own pitiful senses.

Fine with me.

Fine with me, as long as POTUS, FLOTUS, SCOTUS and the rest of the COTUS use same "technology".

If POTUS and FLOTUS and the SCOTUS have nothing to hide, they have nothing to fear.

Think of how much earlier the little cigar episode could have been solved.

Re:Fine with me.

I propose we start calling them POOTUS, FLATUS, SCROTUS and COITUS.

Anthropology

An anthropologist would have a field day with this. It's all about loss of power over others. What's the favorite way to reinforce power among primates? F the other guy in the 'back door'. No big surprise, FBI wants more back doors...

rofl

Dear USA, FBI, US tech companies! You can keep your shitty spywares for yourselves.

Things that should not be encyrpted

Medical Records: people need quick access to these, encryption is a slow process, these should be in clear text.
Tax Returns: Again, encryption is slow, any encrypted returns should be audited. Any tax program should send returns in clear text over the internet.
Personal Data: Again, for speed of backup, personal data should not be encrypted.

Things that should be encrypted:

Marketing preferences: these are valuable, and sold to the highest bidder, these should always be encrypted.
Search History: again, valuable data that can be sold.

If it's about you, and you don't own it, but can be sold to the highest bidder, it can be encrypted.

If it's yours AND about you, fuck it, clear text.

All hail the disembodied head on the wall!

As long as it's all doublespeak to legitimize our never-ending false flag proxy war in Eurasia lets call them freedom holes. Maybe we should completely invert the constitution and call it our right to be observed.

They aren't thinking about backdoor access

Perhaps they are thinking more of the front door.
As in the primary use for a network is to enable a bigger big brother.

Using, instead of fixing, zero days pretty much shows their view of the purpose of the network.

The problem is that, even assuming that these folks are boy scouts, it leaves us in a much worse overall position because of the actual bad actors.

Freedom Ports, Freedom Keys

Call them "Freedom Ports" or "Freedom Keys".

Wrap it up in the American flag, and it can be a shit sandwhich, but americans will line up to eat it because they can claim that they were eating "freedom sandwiches" before their neighbours, and therefore they are more patriotic.

This is stupid.

[johnnys]

The real bad guys ALREADY have strong encryption. PGP is free and widespread. Hizbollah operate a fiber network in Lebanon, just to make it hard for Israel to tap their traffic. Cyber criminals and terrorists know how to use strong encryption to protect their traffic.

So all you're doing by putting backdoors in all the products is to allow the bad guys to break into those devices and steal law-abiding citizen's data, while not affecting the ability of the bad guys to communicate securely. The backdoors ENABLE the criminal behaviour while doing NOTHING to help the victims of the bad guys.

When strong encryption is outlawed, only outlaws will have strong encryption.

Is our FBI really this stupid.

Technologically incompetent.

Now I am really scared.

Re: HOAs (was Re:First Build Safeguards into the F

[jedidiah]

Nonsense.

Living in the right neighborhood with a sufficiently high "buy in" prevents "neighbors from hell". Even with the "wrong kind of people", such neighbors are limited not so much by HOAs but pretty mundane zoning laws.

The old-biddie gestapo is simply unnecessary.

All an HOA does is prevent you from using your own property how you see fit. It makes your property part of the collective and the collective is clueless. Ugly paint still goes up and other measures that could improve curb appeal are banned.

The rules that could be useful aren't ever actually enforced.

Re: HOAs (was Re:First Build Safeguards into the F

[jedidiah]

> Do you really not see why people would object to their neighbor turning their property into an eyesore? I have to look at that pink shit every day, and it lowers my property value by association.

Utter nonsense.

My last personal domicile had a "neighbor from hell" living next door. He had cars up on blocks filling his driveway. It didn't slow down the sale of that house the slightest bit.

The house was in an excellent location. It and it's yard sold itself. So did it's highly desirable suburban location. We sold it quickly, for above market, during a horrible slump.

The people worried about "property values" are stupid amateurs that are nothing but conspicuous consumers with no real clue.

'Backdoor' == NOT ENCRYPTED

[kheldan]

The FBI, like most of our policitians, apparently, are ignorant jackasses. If you put a 'backdoor' into encryption so the government can encrypt it, then it is exactly the same, in practical terms, as transceiving data in the clear instead. Guaranteed, terrorists, spies, and criminals, will all have access to this 'backdoor' within weeks (if not days or hours) of it becoming a reality. What do we have to do to get these fucking idiots to understand that?

Re: 'Backdoor' == NOT ENCRYPTED

It will take the same amount of time as it did for them to understand how the war on drugs is, was, and will ever be a failure. And I'm not convinced that they've really accepted that yet.

Matrix are perty

A matrix looks like this 29 30 47 62 it should have a (
around it but I don't how 71 41 38 59 )
  how it is so perty I think I might put 1 in all my correspondence .

Has the FBI caught even one terrorist by email?

While the FBI wages a war on encryption we should ask them if they have been able to stop one terrorist attack from reading emails? Evidence points to "No."

Re:Nobody (minus a personal agenda) wants this

Don't go away mad, AlecStaar--just go away.

VPro

Intel chips allready have back doors.

Intelligence failed in the last two cases

Paris - unencrypted SMS was used

California - encryption was not a factor.

How did they fail in both cases? Because when you spy on everyone, important info gets lost in the noise

Re: HOAs (was Re:First Build Safeguards into the

That's more like fascism.

LOL

[sentiblue]

Comey is simply a moron...

The agency has been stealing all along already... just keep doing it and shutup... instead, he's now coming out saying that we should just give it to him so that he doesn't have to steal....

Nobody (minus a personal agenda) wants this

See subject: So WHY THE FUCK are you FBI & "political people" still pushing it? Not enough GOOD TALENT in programming + signal intelligence wants to help you in this madness & lunacy?? Apparently so!

* Accept this: Nobody sane or normal wants their communications collected or spied upon!

(... Have you people @ the FBI forgotten who it is that REALLY funds you, civil servants?)

Answer = "WE THE PEOPLE" - NOT "WE THE CORPORATIONS" or "the 1%" either!

APK

P.S.=> I must have "struck a nerve" with this post seeing as some scumbag weasel who I can't ID downmodded this very same post last time I posted it here http://yro.slashdot.org/commen... ... apk

It is for our good

Don't protest, it is for your good you idiots . They just want to see what the terrorists are planning .

Consumer Warnings

We can solve this problem with consumer warnings:

WARNING: This product contains data protection technology that is intentionally weak for US markets. If any sensitive data is stored on this product, manufacturer recommends purchasing identity theft protection insurance.

For Online storage vendors, the following should be mandatory:

WARNING: Your data may be hosted in the USA, where multiple third parties may have access to your data under questionable legal precedents, without notification We recommend no personal data be stored. We recommend identity theft protection insurance be purchased if storing any personal data.

It's Unamerican

[BrendaEM]

Amendment IV: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

A suggestion for an alternative...

[TheCaptain]

Would they prefer the term "glorious holes"? It's as valid of a substitute as any...

American legal doubletalk; It's the American way

[knorthern+knight]

No, it's not a back door. It's "allowing the FBI to do their job".

No, it's not confiscation of private property, like the British did 240 years ago, contributing to the start of the American revolution. It's "civil forfeiture".

No, it's not racial and sexual discrimination against white males. It's "affirmative action".

No, it's not mistreatment and torture of prisoners of war. It's mistreatment and torture of "enemy combatants".

Re: HOAs (was Re:First Build Safeguards into the

There's a whole lot of reasonable area in lawn care that we're glossing over. Any sensible HOA will have rules regarding lawns too short, as well as too long. You don't want to live next door to 4 foot tall weeds, nor do you want the half-dead look because someone can't be arsed to fix a sprinkler. It's obnoxious, fix it.

Some groups in drought-prone areas even allow for non-grass yards. I'm in SoCal and my HOA has started allowing low- and no-water lawns. Paving stone pathways with a few shrubs (indigenous) sand, and gravel. They look pretty sweet.

Likewise with paint colors. We have a dozen or so options, across 3 companies. Sure, they're all vaguely brown/tan ... But it's a reasonable compromise.

Like most things, HOAs aren't inherently good or bad. Good ones are good. Bad ones are bad. There are probably more bad ones, stemming from the corruptibility of random Joes given a modicum of power, but I digress.

God made the urethra

Dick holes.

Encryption? Might as well outlaw air.

If you had asked me 10 years ago what I thought the FBI would be against, I'd guess terrorists, murders, guns, drugs, etc.

I'd have guessed jello was the future enemy before I thought encryption would be vilified.

Seriously, encryption? It's been going on since forever, and will continue to, in various forms. Might as well outlaw air.

Re: HOAs (was Re:First Build Safeguards into the F

[Immerman]

Sold quickly sure, but without a neighbor from hell, how much more would it have sold *for*. Maybe its only a few grand difference, but that's potential money they took out of your pocket. Plus the eyesore thing. If it doesn't bother you that's great. But I bet you there were several others on your block who wished he wasn't cluttering up the place.

Re: HOAs (was Re:First Build Safeguards into the

[Immerman]

If the grass is less than a foot tall, it isn't healthy. Modern lawns are by their very nature ecological wastelands - mice, snakes, insects - all the things required to make a healthy ecosystem mostly require long grass to hide in, get rid of them and all you have left is an artificially supported monoculture. The four-foot weeds could be far healthier, though I can understand that some people find them unpleasant. Especially if it got that way by neglect, in which case they won't be maintained properly to compensate for the lack of wildlife eating them down.

I agree with you on HOAs though - they're democracy in microcosm, with all the potential and ugliness that implies.

Ready for a laugh?

If so, first read this paragraph regarding the gal who shot up CA last week [from the New York Times]:
"Had the authorities found the posts years ago, they might have kept her out of the country. But immigration officials do not routinely review social media as part of their background checks, and there is a debate inside the Department of Homeland Security over whether it is even appropriate to do so."
Now think about this:
The government that is concerned that it may not be "appropriate" to view an immigrant candidate's social network posts, insists on being able to read it's citizens most private communications & documents!!!

In case your memory is rusty, here's start of our Constitution's 4th Amendment, Ratified 12/15/1791: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated...

Seems they wish to respect the privacy of an immigrantion candidate more than that of a citizen. My sides hurt from laughing.

Lest We Forget

[LongArcher]

When repeated words of warning fall on deaf ears, vile deeds committed in the name of patriotism must take their place. For this nation may only endure when we the people are periodically reminded of the unalterable and self-evident truth, that even democratic republics may give birth to despots and tyrants.

Trust works both ways !!

THats right, " Trust me I work for the Government and I am here to help". My encryption will stay, FBI be damned.

Once upon a time

At one time law enforcement had to make a case to get peoples data or personal information. The new world gives us victimless crimes and auto guilty (i.e., backdoor access). Wouldn't it be nice if law enforcement had to work like everyone else?

Okay, then let's make up a new name

I suggest we call them barndoors. Because they are going to be huge, once they are discovered, it will be impossible to lock them, and all sorts of traffic will use them.