Slashdot Mirror
FBI: Just Don't Call Them Backdoors (networkworld.com)
sandbagger writes: The FBI still wants backdoors into encrypted communications, it just doesn't want to call them backdoors, and it doesn't want to dictate what they should look like. Tech companies [says FBI Director James Comey] 'need' to change their business models – by selling only communications gear that enables law enforcement to access communications in unencrypted form, he says, rather than products that only the parties participating in the communication can decrypt. He also says tech companies should just accept that they would be selling less secure products.
Had you not been spying on all of us without warrants we wouldn't be encrypting our stuff. Act like the bad guy, don't be surprised when your treated like a bad guy.
"We see that encryption is getting in the way of our ability to have court orders effective to gather information we need in our most important work"
So does the Fifth Amendment. What's your point? Gonna put a back door in that too? (Posting AC so the FBI trash men don't come get me.)
Groups like ISIS are now using their own encryption apps so there is nothing that can be done by any US tech companies prevent that. What would the point of making everything less secure be.
They want to expand PRISM, remember PRISM?
http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data
The documents show that:
Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
In June, the Guardian revealed that the NSA claimed to have "direct access" through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.
Blanket orders from the secret surveillance court allow these communications to be collected without an individual warrant if the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time. Targeting US citizens does require an individual warrant, but the NSA is able to collect Americans' communications without a warrant if the target is a foreign national located overseas.
----------------------
So all the private communications you have well the US grabbed them stuck them in giant databases to be datamined at the whim of the military complex without judicial process.
And all the companies involved knew it, and helped. Microsoft even helping remove the encryption on future version so the NSA could slurp down their data more easily.
So when you want to use Cloud Office Services, remember that your companies documents are directly available within any judicial process to the spys for the military industrial complex.
If people can control their own devices, and the hardware is also on their side, then it is not the FBI's choice. People can run whatever they wish.
But if we insist on buying devices that more and more treat their owners like the enemy to keep out, this becomes impossible. Even if there are some security holes to exploit to root the devices, that is beyond all but a tiny few who would be able and would bother to.
It is critical for this trend towards owner-hostile devices to be reversed, or the fight can only be lost. Already it seems 90% lost.
Every time you buy a locked down device, you are part of the problem.
We always called them call them Female Body Inspectors, but Backdoor Men is more appropriate. They don't care if you're male or female, they just want you to bend over and take it. BTW, they are trying to establish the new normal.
PlanetVulkan.com
A lot of public officials seem to think that encryption will just go away if they outlaw it.
Or maybe they think routers can automagically decrypt user messages.
Sheesh, evil *and* a jerk. -- Jade
May I suggest "Patriot doors".
hit this guy with a clue stick. Asshole.
There is no way to guarantee nobody but the FBI can access these "back doors", or to guarantee that the FBI will do the right thing.
The business model of the FBI needs to change.
If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need the FBI to put MUCH better accountability in place to ensure that THEY are not doing anything criminal. BEGINNING with a reliable and INDEPENDENT commission that can be approached by whistleblowers without fear of reprisal and that has the independent power to declassify anything they believe is government action in violation of Federal Law.
Because they do things that are criminal. Like, for example, mass surveillance, parallel construction, and to some extent the entrapment they use as effectively a primary tool for big investigations.
Right now we don't have the accountability to ensure that our government isn't acting criminally. We just fucking don't. They are mostly a black box saying that nobody else should be a black box.
Maybe we could call this new scheme "key escrow". That way we can run our side of the debate just by recycling posts from ~20 years ago.
See that "Preview" button?
Comcast:
It's not a "cap", it's a "usage plan"
If Comcast were a Swiss insurance agency:
Don't think of it as "exclusive", think of it as a "custom experience".
If Comcast was the FBI:
It's not a backdoor, it's [redacted].
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
So, the FBI doesn't want to call these things "backdoors". OK, let's come up with some alternatives:
The FBI wants to install security barndoors in your software.
The FBI wants to create festering security wounds in your software.
The FBI wants to buttf*ck your software.
Which of those other euphemisms would you prefer, Mr. Comey?
The travesty is that you could go to jail doing something that hurts no one else.
Stupid sexy Flanders.
I prefer a cupola. You can really get a good overall view from a cupola.
typewriters are still made and sold; ribbons are made and still sold
Remember how, back in the days, we used to download PGP from Finland because of US export restrictions? These days are coming again, with resulting renewed public interest in free software and sideloading apps outside the walled garden. As well, it's a chance for a developing country to establish an alternative Silicon Valley exporting truly secure software, even PC and mobile operating systems, worldwide. Hopefully I can move there and live like a king.
Convey to us that those who gather intelligence will respect the doctrine of the fruit of the poison tree, and refrain from using tainted evidence in building criminal cases against citizens outside of dire threats. https://en.m.wikipedia.org/wik...
A lot of people rush to Orwell references, but this seems like a genuine attempt at Newspeak to me.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
FTFY
The real "Libtards" are the Libertarians!
It's come to this now? The US agencies don't even pretend to respect the rights to privacy and freedom of expression. They are now openly asking for Orwelian features in products produced by private companies?
Are American citizens so lost that they do not see how ridiculous that sounds ? They might as well just as every citizen to spend a mandatory year in prison ...just in case they get incarcerated later in life.
Entia non sunt multiplicanda praeter necessitatem.
So considering that that the us government uses nowadays mammy commercial products of the shelf itself;
Considering that other governments control access to potentially as big or bigger markets than the US one ->
Are they happy with the Chinese/Russians also reading the communications of the US government?
And they are using commercial regular stuff. By design (to save money and make certain projects even feasible) or mistake (do I need to say Clinton ' email).
Also consider that practically all the hardware for these new communications is produced outside the states. Where other governments can insist on back doors (when it quacks ... call it by it's proper name).
E.g. the German privacy watchdog has currently issued a ruling that Google Mail is a communication service and needs to provide "an automatic interface for lawful interception". If the courts let that stand (something quite realistic) and Google not being able to prove to legal standards if an account is "German", that might mean that they'll need to allow to intercept traffic on all accounts.
Great that the FBI gives governments the inspiration to what they should require from companies (including US ones).
How's "Freedom Anuses" grab you? Honestly, if it hadn't been for the Government's meddling in the 90's, all traffic on the Internet would be encrypted by now and the whole place would be much more secure. Near as I can tell, you still can't integrate PGP into a E-Mail client without the government trying to fuck you in the ass. I mean backdoor, er... freedom anus!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
How do you prevent criminals et al from using it? The problem with back doors is there really isn't any way I know of to make them secure. You can't make encryption where you don't need the key to decrypt it, yet it still is secure. The back door can be obfuscated or the like, but if someone finds it then it is game over.
So even if we decide we trust the government and they have good oversight and all that, it is still leaving things open to other parties. Good encryption keeps everyone else out, that is just how it works and how it has to work.
Well, I have to admit that [redacted] is a good name for it.
I mean, when they [redacted] me, I definitely feel like they really [redacted] me in the [redacted]. So it's very accurate!
How about a howdah so the Dipwads can ride our backs
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
Britain's Parliament switched to Office 365, Microsoft's Cloud servers. Microsoft made a pretense of storing the data in Ireland (but of course the NSA was given a tap into it, just as they were given a PRISM tap into all of Microsoft's other services *worldwide*).
http://www.computerweekly.com/news/2240230372/Hague-reassures-MPs-on-Office-365-data-storage-as-Microsoft-ordered-to-hand-over-email-data
So now when members of Parliament draft laws that the US doesn't like, they can head it off, or undermine the politicians concerned. BEFORE the document even leaves the desk of the politicians!
GCHQ meanwhile, whose job it is to secure British Communications, signed off on this. Well at least the traitors in the agency did.
Just call a hammer a hammer and a backdoor a backdoor.
Today I'd worry more about shortcomings in security on Chinese-made devices, but with the FBI involved it's going to be additional holes.
Meanwhile the terrorists just go on with their own ways of information exchange. It's also a huge information flood to sift through making it hard for authorities to ever figure out if something is serious or not. Even if they know they may not take action to avoid revealing their sources. Like the shootings in Paris - did someone know but considered that it was better to make it hapen because then their agency would profit? Same with the WTC attack in 2001. It's standard operating procedure in intelligence to not reveal how they work at The cost of lives.
If an intelligence agency did act upon every suspect message then the western world would be severely disrupted. Imagine the effect of a standstill on every case when "bomb has been planted" in Call of Duty or whatever game it's used has been sent. It's hard for algorithms to realize that it's a game since the context is also needed.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
If you actually read the governing documents of most HOA's you'll find that many owner members don't like their HOAs because they did didn't read those documents and listened their real estate agent's rosy tales that convinced them to buy.
HOAs are corporations. The member owners are shareholders. How often do the shareholders love what their corporation does? Except for making profits, increasing the stock value or paying out dividends.
Now add the fact that HOAs are corporations that are not allowed to make a profit or pay a dividend and have only a little control over the market value of member properties and you've removed the primary reasons most shareholder's like any corporation they've invested in.
Just because they have capitulated and installed this "feature" doesn't mean they are going to advertise the fact to consumers. In fact, it would not surprise me if they were legally unable to divulge the existence of such features.
When our name is on the back of your car, we're behind you all the way!
He also says tech companies should just accept that they would be selling less secure products.
LMFTFY
He also says American tech companies should just accept that they would be selling less desirable products than their non-American competitors.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Dumbed down software and hardware produced in the USA with official back-doors (unofficial ones seems to be already in existence) would give a chance to producers from other countries. The same as happened with bureaucratic limitations on civil commercial UAV usage in the USA.
One of the leaders in civil UAV is the DJI, and it is not an US company.
We'll just be going back to using strong crypto from outside the USA, like we did for most of Internets history.
Assorted stuff I do sometimes: Lemuria.org
This will continue nearly indefinitely. The game plan would be something like- first pass laws to prevent it from happening in the US, which will include free and open source software, second talk easily persuaded nations into the same thing, third use trade tactics and even threats to push down the "terrorism supporting" nations.
Encryption is speech. Any of these attempts are flatly unconstitutional.
Would they also like to force everyone to buy guns that can only shoot blank ammunition?
I'd like to see that debate.
No problem, folks. We've been calling you "assholes" for a while now already.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Pretty much this. If I have to assume that any service I host in the US is backdoored (and frankly, there is no such thing as a "government only" back door. Money will open this backdoor to anyone willing to pay), I cannot host any sensitive information in the US. I cannot use any software from a company based in the US that I cannot audit thoroughly (read: is OSS) for any security related application if I have to pretty much expect that there is a way for anyone able to spend the time or money to gain access to a mandatorily existing backdoor.
Fuck, even hard- and software from China would be more trustworthy.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Demand? Why bother?
If there is a backdoor, someone has to have the key to it. We're not talking about script kiddies and Anonymous wanting this access. We would have nation states and international corporations wanting this access. It's not Joe Randomhacker in his basement. It's Iran, China, Boeing and various corporations that would try to gain access. They don't hack it. They find someone to drop a few millions on to hand over the key.
You think that would be hard? Finding an underpaid government official willing to aid a "friendly" corporation for a few bags of money?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
And the rest of the world is laughing because the US is crippling itself again...
Even if I do sign an EULA saying that I allow [Microsoft/Yahoo/Apple/Google] to provide my correspondence to the FBI, what prevents the bad guy from encrypting his message using a 4096 bit PGP encrypted string and THEN using steganography to hide it in image data and sending that image out to his compatriots? Are you also going to make it illegal for the user to just use a complicated math calculation? Even if you do, how are you going to detect a violation of that? This entire witch hunt on encryption by the enforcement agencies boggles my mind.
Don't call our "back doors" by the evil name of "back doors"!!
Call them "Butthole Access Portals" or "Freedom Shafts", but not "back doors"!
Just cruising through this digital world at 33 1/3 rpm...
> It's not Joe Randomhacker in his basement.
Until Joe Randomhacker steals it from poorly secured governmental resources. The same problem is built into the digatal rights management system called "Trusted Computing". The "Trusted Comting" key escrow, which basically puts private keys for software and hardware based encryption and access control in an screw repository held by Microsoft. The system has somewhat languished since it was discovered that one could virtualize the required hardware component, allowing parallel access on multiple virtual machines to the same data.
the problem is a HOA very quickly goes National Socialist
Grass must be green and no longer than 1.752 inches at all times
All Houses must use paints from this list of suppliers (purchase list for 19.95 from Betty)
ect
Not the AC, but I've got to say that while there are a couple of your points I agree with (you want me to turn my beautiful healthy lawn into a short-cropped wasteland because you have no idea what healthy grass looks like? F that.), Do you really not see why people would object to their neighbor turning their property into an eyesore? I have to look at that pink shit every day, and it lowers my property value by association. I agree that any reasonable person should be able to work on their own car at home, and occasionally a friends. But I would go so far as to say there has never in the history of the world been a group of 10 dogs (rarely even 3) that don't bark constantly. Barking is what dogs do - it's what WE remade them to do - to act as early-warning systems to compensate for our own pitiful senses.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Call them "Freedom Ports" or "Freedom Keys".
Wrap it up in the American flag, and it can be a shit sandwhich, but americans will line up to eat it because they can claim that they were eating "freedom sandwiches" before their neighbours, and therefore they are more patriotic.
The real bad guys ALREADY have strong encryption. PGP is free and widespread. Hizbollah operate a fiber network in Lebanon, just to make it hard for Israel to tap their traffic. Cyber criminals and terrorists know how to use strong encryption to protect their traffic.
So all you're doing by putting backdoors in all the products is to allow the bad guys to break into those devices and steal law-abiding citizen's data, while not affecting the ability of the bad guys to communicate securely. The backdoors ENABLE the criminal behaviour while doing NOTHING to help the victims of the bad guys.
When strong encryption is outlawed, only outlaws will have strong encryption.
Sometimes the "writing on the wall" is blood spatter...
Nonsense.
Living in the right neighborhood with a sufficiently high "buy in" prevents "neighbors from hell". Even with the "wrong kind of people", such neighbors are limited not so much by HOAs but pretty mundane zoning laws.
The old-biddie gestapo is simply unnecessary.
All an HOA does is prevent you from using your own property how you see fit. It makes your property part of the collective and the collective is clueless. Ugly paint still goes up and other measures that could improve curb appeal are banned.
The rules that could be useful aren't ever actually enforced.
A Pirate and a Puritan look the same on a balance sheet.
> Do you really not see why people would object to their neighbor turning their property into an eyesore? I have to look at that pink shit every day, and it lowers my property value by association.
Utter nonsense.
My last personal domicile had a "neighbor from hell" living next door. He had cars up on blocks filling his driveway. It didn't slow down the sale of that house the slightest bit.
The house was in an excellent location. It and it's yard sold itself. So did it's highly desirable suburban location. We sold it quickly, for above market, during a horrible slump.
The people worried about "property values" are stupid amateurs that are nothing but conspicuous consumers with no real clue.
A Pirate and a Puritan look the same on a balance sheet.
The FBI, like most of our policitians, apparently, are ignorant jackasses. If you put a 'backdoor' into encryption so the government can encrypt it, then it is exactly the same, in practical terms, as transceiving data in the clear instead. Guaranteed, terrorists, spies, and criminals, will all have access to this 'backdoor' within weeks (if not days or hours) of it becoming a reality. What do we have to do to get these fucking idiots to understand that?
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Comey is simply a moron...
The agency has been stealing all along already... just keep doing it and shutup... instead, he's now coming out saying that we should just give it to him so that he doesn't have to steal....
Amendment IV: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
https://www.youtube.com/c/BrendaEM
Would they prefer the term "glorious holes"? It's as valid of a substitute as any...
No, it's not a back door. It's "allowing the FBI to do their job".
No, it's not confiscation of private property, like the British did 240 years ago, contributing to the start of the American revolution. It's "civil forfeiture".
No, it's not racial and sexual discrimination against white males. It's "affirmative action".
No, it's not mistreatment and torture of prisoners of war. It's mistreatment and torture of "enemy combatants".
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
A lockbox.
Sold quickly sure, but without a neighbor from hell, how much more would it have sold *for*. Maybe its only a few grand difference, but that's potential money they took out of your pocket. Plus the eyesore thing. If it doesn't bother you that's great. But I bet you there were several others on your block who wished he wasn't cluttering up the place.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
If the grass is less than a foot tall, it isn't healthy. Modern lawns are by their very nature ecological wastelands - mice, snakes, insects - all the things required to make a healthy ecosystem mostly require long grass to hide in, get rid of them and all you have left is an artificially supported monoculture. The four-foot weeds could be far healthier, though I can understand that some people find them unpleasant. Especially if it got that way by neglect, in which case they won't be maintained properly to compensate for the lack of wildlife eating them down.
I agree with you on HOAs though - they're democracy in microcosm, with all the potential and ugliness that implies.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
When repeated words of warning fall on deaf ears, vile deeds committed in the name of patriotism must take their place. For this nation may only endure when we the people are periodically reminded of the unalterable and self-evident truth, that even democratic republics may give birth to despots and tyrants.