FBI: Just Don't Call Them Backdoors

sandbagger writes: The FBI still wants backdoors into encrypted communications, it just doesn't want to call them backdoors, and it doesn't want to dictate what they should look like. Tech companies [says FBI Director James Comey] 'need' to change their business models – by selling only communications gear that enables law enforcement to access communications in unencrypted form, he says, rather than products that only the parties participating in the communication can decrypt. He also says tech companies should just accept that they would be selling less secure products.

Dear Mr FBI

[Snotnose]

Had you not been spying on all of us without warrants we wouldn't be encrypting our stuff. Act like the bad guy, don't be surprised when your treated like a bad guy.

Re:Dear Mr FBI

[Strangely+Familiar]

And what about Google, Apple, and Facebook? Isn't this just lovely that Comey is telling these companies to make sure there is a way they can read all our communications, even when we try to use encryption? Once the capability is there, the corporate lawyers will simply have us agree in the "end user license" (that we negotiate with them by clicking "I agree") that Google et al. can read and sell ALL our communications regardless of any court order. Nice. I really love where this is headed. Thanks again, FBI. I love you people! You're doing a great job! Always thinking of me! I feel so secure!

Re:Dear Mr FBI

The FBI recently admitted to using 0-day exploits. By definition, this means they do not alert vendors to the the exploits so that they can be fixed. It's not clear to me how this can be viewed as anything but acting like the bad guy. Law enforcement's role is to uphold law, not to catch criminals by any means.

Re:Dear Mr FBI

[drinkypoo]

Cops regularly brandish weapons without cause which is illegal, point them at people without cause which is assault and illegal, kill people without cause which is murder... In fact, here's a damned great statistic: in 2008, there were about 765,000 "sworn personnel", meaning cops with arrest powers. Today, over eleven million US citizens have a permit to carry a concealed weapon. Even if only ten percent of them make use of it, there are still hundreds of thousands more "ordinary" citizens carrying weapons than cops. In spite of this, cops will wrongfully kill more people even than deliberate mass shooters this year. They are killing people who are proven by the evidence to not have a weapon, they are turning off their body cameras before they kill people, they are killing people who they have incarcerated and they are killing people on their way to incarceration.

Everywhere you look, the people who are supposed to protect us and keep us from corruption are more dangerous and corrupt than we are.

Re:Dear Mr FBI

[KGIII]

I'm in a unique position where I can say, "Fuck you." I'm unfamiliar with your username so I imagine you may be unfamiliar with my posts and my history. I'm financially able to say, "Fuck you." I'm also able to move to another country, if need be, but I'd really hate to do so. I am, after all, a patriot at heart. It's my patriotic duty to circumvent any attempts they make at weakening encryption. It's my patriotic duty to assist others in encrypting their communication.

Our country was founded by a bunch of terrorists who hid behind anonymity until they'd gained enough popularity and wealth to be able to risk speaking freely. Whilst I'm not a violent person by nature, I am still a fan of allowed anonymous speech. I, for one, am tired of my government trying to keep me safe. I, for one, accept the risks that bad things might happen. Risks are proportionate to gain, often enough. The more liberties you have the more risks it entails. So be it.

"Getting in the way of our work"

"We see that encryption is getting in the way of our ability to have court orders effective to gather information we need in our most important work"

So does the Fifth Amendment. What's your point? Gonna put a back door in that too? (Posting AC so the FBI trash men don't come get me.)

Nope...

[jaymz666]

There is no way to guarantee nobody but the FBI can access these "back doors", or to guarantee that the FBI will do the right thing.

The business model of the FBI needs to change.

Re:Moot Point Now

Because it isn't about terrorism, it's about control.

First Build Safeguards into the FBI

[Etherwalk]

If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need the FBI to put MUCH better accountability in place to ensure that THEY are not doing anything criminal. BEGINNING with a reliable and INDEPENDENT commission that can be approached by whistleblowers without fear of reprisal and that has the independent power to declassify anything they believe is government action in violation of Federal Law.

Because they do things that are criminal. Like, for example, mass surveillance, parallel construction, and to some extent the entrapment they use as effectively a primary tool for big investigations.

Right now we don't have the accountability to ensure that our government isn't acting criminally. We just fucking don't. They are mostly a black box saying that nobody else should be a black box.

Re:First Build Safeguards into the FBI

[ShanghaiBill]

All we have to do is put the right people into office.

No way. That doesn't even work with HOAs, which are democracy on the smallest scale imaginable. I have never met anyone that likes their HOA, or feels they represent their interests. So how can it possibly work with a national government of 330 million people? The solution is not "the right people", because that will never happen, but the right systems, including checks and balances, and an adversarial relationship between bureaucrats and their legislative overseers. The first sign that we are on the right path, will be when we start treating whistleblowers as heroes rather than traitors.

Re:First Build Safeguards into the FBI

[cfalcon]

> If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need

It's not decryption they want, it's a backdoor. If there's a back door, it was never really encrypted to begin with.

And what we need is encryption that works and is implemented properly- with no back doors. The idea that the government has the right to spy on each and every thing that is said at any time, at any place, and push it through whatever the latest grep / pattern analysis / AI farm- is ludicrous. It's simply ludicrous.

Encryption- not back doored encryption where you are trusted with a slave key and a bunch of people in the shadows have a master key- is the only answer.

Re: First Build Safeguards into the FBI

[KenDiPietro]

The Bush Administration never said Iraq had anything to do with 9/11. That's a false narrative that was pushed by anti-war activists back in 2002.

You mean to tell me that more than two out of three Americans who believed that Saddam was behind 9/11 did so because anti-war activists back in 2002. pushed that line? That lie was still poisoning the discourse of one out of three American voters in 2007. Apparently, the drive by, liberal, mass media was involved on pushing this lie too. This lie was foisted upon the world by the Bush Administration. What bothers me most is that you (or the people who told you the lie you're repeating) know that this was not only a despicable lie but one that they felt needed to be countered or the lie you are regurgitating never would have seen the light of day.

Re: First Build Safeguards into the FBI

[KenDiPietro]

Their argument was never that Iraq was behind 9/11, it was always that the devastation of 9/11 proves we cannot wait until after an attack and treat it like a law enforcement measure because the risk to innocent human life was now too large.

As quoted from here:

"In his prime-time press conference last week, which focused almost solely on Iraq, President Bush mentioned Sept. 11 eight times. He referred to Saddam Hussein many more times than that, often in the same breath with Sept. 11."

"Bush never pinned blame for the attacks directly on the Iraqi president. Still, the overall effect was to reinforce an impression that persists among much of the American public: that the Iraqi dictator did play a direct role in the attacks. A New York Times/CBS poll this week shows that 45 percent of Americans believe Mr. Hussein was "personally involved" in Sept. 11, about the same figure as a month ago."

"Sources knowledgeable about US intelligence say there is no evidence that Hussein played a role in the Sept. 11 attacks, nor that he has been or is currently aiding Al Qaeda. Yet the White House appears to be encouraging this false impression, as it seeks to maintain American support for a possible war against Iraq and demonstrate seriousness of purpose to Hussein's regime."

If we are to accept your reasoning, then we have to admit that the Bush Administration was inept, at the very least. But, in reality, it wasn't the president alone who made these repeated references, it was the entire administration. Then we have that ugly Powell appearance with the vial full of white powder not to mention that wonderful "artist's rendition" of the terrorist headquarters known as Tora Bora - which never existed.

When taken as a whole, we find that no other answer can be arrived at other than this was a deliberate, false dialog meant to confuse the American people and did so successfully.

The problem is what we are seeing is a need to create a false narrative which proves those who originally created these lies know that they have been pegged as liars. Does it bother you that you are one of those people spreading a false narrative designed to cover the deceit which caused tens of thousands of Iraqis to be killed with a likely hundred thousand or so maimed? Can't you understand that it was those actions which you are trying to hide that led to us having to deal with ISIS?

Either way, what you need to know is that you are the problem, not part of the solution.

Re:A rose by any other name...

[gfxguy]

The travesty is that you could go to jail doing something that hurts no one else.

The ridiculousness is appaling

[nashv]

It's come to this now? The US agencies don't even pretend to respect the rights to privacy and freedom of expression. They are now openly asking for Orwelian features in products produced by private companies?

Are American citizens so lost that they do not see how ridiculous that sounds ? They might as well just as every citizen to spend a mandatory year in prison ...just in case they get incarcerated later in life.

Re:Moot Point Now

Indeed. With ISIS in the picture, we're now allies with Al Quaida in many places. I guess we're building them up for the next thing after ISIS.

Re:FTFY

[Anomalyst]

by selling only communications gear that enables law enforcement , foreign governments and criminals who have a linchpin's dirty little secret to access communications in unencrypted form,

FTFY

American companies

[mwvdlee]

He also says tech companies should just accept that they would be selling less secure products.

LMFTFY

He also says American tech companies should just accept that they would be selling less desirable products than their non-American competitors.

This will continue

[cfalcon]

This will continue nearly indefinitely. The game plan would be something like- first pass laws to prevent it from happening in the US, which will include free and open source software, second talk easily persuaded nations into the same thing, third use trade tactics and even threats to push down the "terrorism supporting" nations.

Encryption is speech. Any of these attempts are flatly unconstitutional.

Whats the point?

[balajeerc]

Even if I do sign an EULA saying that I allow [Microsoft/Yahoo/Apple/Google] to provide my correspondence to the FBI, what prevents the bad guy from encrypting his message using a 4096 bit PGP encrypted string and THEN using steganography to hide it in image data and sending that image out to his compatriots? Are you also going to make it illegal for the user to just use a complicated math calculation? Even if you do, how are you going to detect a violation of that? This entire witch hunt on encryption by the enforcement agencies boggles my mind.

This is stupid.

[johnnys]

The real bad guys ALREADY have strong encryption. PGP is free and widespread. Hizbollah operate a fiber network in Lebanon, just to make it hard for Israel to tap their traffic. Cyber criminals and terrorists know how to use strong encryption to protect their traffic.

So all you're doing by putting backdoors in all the products is to allow the bad guys to break into those devices and steal law-abiding citizen's data, while not affecting the ability of the bad guys to communicate securely. The backdoors ENABLE the criminal behaviour while doing NOTHING to help the victims of the bad guys.

When strong encryption is outlawed, only outlaws will have strong encryption.

Re: HOAs (was Re:First Build Safeguards into the F

[jedidiah]

Nonsense.

Living in the right neighborhood with a sufficiently high "buy in" prevents "neighbors from hell". Even with the "wrong kind of people", such neighbors are limited not so much by HOAs but pretty mundane zoning laws.

The old-biddie gestapo is simply unnecessary.

All an HOA does is prevent you from using your own property how you see fit. It makes your property part of the collective and the collective is clueless. Ugly paint still goes up and other measures that could improve curb appeal are banned.

The rules that could be useful aren't ever actually enforced.