FBI: Just Don't Call Them Backdoors

sandbagger writes: The FBI still wants backdoors into encrypted communications, it just doesn't want to call them backdoors, and it doesn't want to dictate what they should look like. Tech companies [says FBI Director James Comey] 'need' to change their business models – by selling only communications gear that enables law enforcement to access communications in unencrypted form, he says, rather than products that only the parties participating in the communication can decrypt. He also says tech companies should just accept that they would be selling less secure products.

Dear Mr FBI

[Snotnose]

Had you not been spying on all of us without warrants we wouldn't be encrypting our stuff. Act like the bad guy, don't be surprised when your treated like a bad guy.

Re:Dear Mr FBI

^This

I'd like a "rear entry portal" into the Capitol Building, just so I can know how they operate behind closed doors. It should be legal because (a) my tax dollars pay their salary and (b) they're suppossedly not committing any crimes!

This is all of course in line with the FBI's thought process.

Re:Dear Mr FBI

[Strangely+Familiar]

And what about Google, Apple, and Facebook? Isn't this just lovely that Comey is telling these companies to make sure there is a way they can read all our communications, even when we try to use encryption? Once the capability is there, the corporate lawyers will simply have us agree in the "end user license" (that we negotiate with them by clicking "I agree") that Google et al. can read and sell ALL our communications regardless of any court order. Nice. I really love where this is headed. Thanks again, FBI. I love you people! You're doing a great job! Always thinking of me! I feel so secure!

Re:Dear Mr FBI

The FBI recently admitted to using 0-day exploits. By definition, this means they do not alert vendors to the the exploits so that they can be fixed. It's not clear to me how this can be viewed as anything but acting like the bad guy. Law enforcement's role is to uphold law, not to catch criminals by any means.

Re:Dear Mr FBI

[drinkypoo]

Cops regularly brandish weapons without cause which is illegal, point them at people without cause which is assault and illegal, kill people without cause which is murder... In fact, here's a damned great statistic: in 2008, there were about 765,000 "sworn personnel", meaning cops with arrest powers. Today, over eleven million US citizens have a permit to carry a concealed weapon. Even if only ten percent of them make use of it, there are still hundreds of thousands more "ordinary" citizens carrying weapons than cops. In spite of this, cops will wrongfully kill more people even than deliberate mass shooters this year. They are killing people who are proven by the evidence to not have a weapon, they are turning off their body cameras before they kill people, they are killing people who they have incarcerated and they are killing people on their way to incarceration.

Everywhere you look, the people who are supposed to protect us and keep us from corruption are more dangerous and corrupt than we are.

"Getting in the way of our work"

"We see that encryption is getting in the way of our ability to have court orders effective to gather information we need in our most important work"

So does the Fifth Amendment. What's your point? Gonna put a back door in that too? (Posting AC so the FBI trash men don't come get me.)

Moot Point Now

[Wovel]

Groups like ISIS are now using their own encryption apps so there is nothing that can be done by any US tech companies prevent that. What would the point of making everything less secure be.

Like Microsoft Skype and Hotmail?

They want to expand PRISM, remember PRISM?

http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data

The documents show that:

  Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

  The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

  The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

  Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;

  In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;

  Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

In June, the Guardian revealed that the NSA claimed to have "direct access" through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.

Blanket orders from the secret surveillance court allow these communications to be collected without an individual warrant if the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time. Targeting US citizens does require an individual warrant, but the NSA is able to collect Americans' communications without a warrant if the target is a foreign national located overseas.

----------------------

So all the private communications you have well the US grabbed them stuck them in giant databases to be datamined at the whim of the military complex without judicial process.
And all the companies involved knew it, and helped. Microsoft even helping remove the encryption on future version so the NSA could slurp down their data more easily.

So when you want to use Cloud Office Services, remember that your companies documents are directly available within any judicial process to the spys for the military industrial complex.

First Build Safeguards into the FBI

[Etherwalk]

If you want us to trust our intelligence communities with decryption capabilities in case we happen to be criminals, then we need the FBI to put MUCH better accountability in place to ensure that THEY are not doing anything criminal. BEGINNING with a reliable and INDEPENDENT commission that can be approached by whistleblowers without fear of reprisal and that has the independent power to declassify anything they believe is government action in violation of Federal Law.

Because they do things that are criminal. Like, for example, mass surveillance, parallel construction, and to some extent the entrapment they use as effectively a primary tool for big investigations.

Right now we don't have the accountability to ensure that our government isn't acting criminally. We just fucking don't. They are mostly a black box saying that nobody else should be a black box.

Re:First Build Safeguards into the FBI

You mean like putting the split in between the NSA and FBI? The one Bush removed?*

Removing that split allowed the "Parallel Construction" path, with NSA handing evidence it obtained illegally (or perhaps faked) while getting the DEA & FBI to cover up the true evidence trail from the courts.

And it also allowed FBI to turn NSLs into mass surveillance devices. FBI turns up with an NSL, insists on putting in a box on the network to only capture 'meta data', the box is run by the NSA, slurps down all the passwords SSL keys and data. NSA hands back to FBI only the meta data it can legally have. Or like they did with Lavabit, demand Lavabit provide the SSL keys so they could decrypt all traffic perhaps? Again only to collect metadata.. honest.... except is the NSA that taps all the networks, so the NSA would get all the keys and all the data.

The problem here is the FBI which would be required to keep the NSA in check on behalf of Congress and the Judicial branch, has instead become a co-conspirator in many of the NSAs illegal schemes. When NSA pisses all over the constitution who exactly is supposed to march in and raid them? The boy scouts?

*Bush's company Arbusto Energy was rescued by Saudi Binladin Group. (Yes that Bin Laden). So of course he wouldn't do his job and let FBI and NSA co-operate on stopping 9/11. Of course he refused to act when CIA demanded an emergency meeting, they shouldn't have named their memo "Bin Laden determined to attack the US", as soon as he saw Bin Laden, I bet the memo went in the bin.

Re:First Build Safeguards into the FBI

[ShanghaiBill]

All we have to do is put the right people into office.

No way. That doesn't even work with HOAs, which are democracy on the smallest scale imaginable. I have never met anyone that likes their HOA, or feels they represent their interests. So how can it possibly work with a national government of 330 million people? The solution is not "the right people", because that will never happen, but the right systems, including checks and balances, and an adversarial relationship between bureaucrats and their legislative overseers. The first sign that we are on the right path, will be when we start treating whistleblowers as heroes rather than traitors.

Re: First Build Safeguards into the FBI

[KenDiPietro]

Their argument was never that Iraq was behind 9/11, it was always that the devastation of 9/11 proves we cannot wait until after an attack and treat it like a law enforcement measure because the risk to innocent human life was now too large.

As quoted from here:

"In his prime-time press conference last week, which focused almost solely on Iraq, President Bush mentioned Sept. 11 eight times. He referred to Saddam Hussein many more times than that, often in the same breath with Sept. 11."

"Bush never pinned blame for the attacks directly on the Iraqi president. Still, the overall effect was to reinforce an impression that persists among much of the American public: that the Iraqi dictator did play a direct role in the attacks. A New York Times/CBS poll this week shows that 45 percent of Americans believe Mr. Hussein was "personally involved" in Sept. 11, about the same figure as a month ago."

"Sources knowledgeable about US intelligence say there is no evidence that Hussein played a role in the Sept. 11 attacks, nor that he has been or is currently aiding Al Qaeda. Yet the White House appears to be encouraging this false impression, as it seeks to maintain American support for a possible war against Iraq and demonstrate seriousness of purpose to Hussein's regime."

If we are to accept your reasoning, then we have to admit that the Bush Administration was inept, at the very least. But, in reality, it wasn't the president alone who made these repeated references, it was the entire administration. Then we have that ugly Powell appearance with the vial full of white powder not to mention that wonderful "artist's rendition" of the terrorist headquarters known as Tora Bora - which never existed.

When taken as a whole, we find that no other answer can be arrived at other than this was a deliberate, false dialog meant to confuse the American people and did so successfully.

The problem is what we are seeing is a need to create a false narrative which proves those who originally created these lies know that they have been pegged as liars. Does it bother you that you are one of those people spreading a false narrative designed to cover the deceit which caused tens of thousands of Iraqis to be killed with a likely hundred thousand or so maimed? Can't you understand that it was those actions which you are trying to hide that led to us having to deal with ISIS?

Either way, what you need to know is that you are the problem, not part of the solution.

Re:Nope...

[wvmarle]

It provides great opportunity for foreign companies to produce similar products, but better and cheaper as they don't have to add this insecurity.

Thanks to the FBI, Chinese-built software may very well become the more secure choice over US-built software.

And that's before the keys to the FBI-mandated back doors are leaked or cracked or whatever making them available to the world at large...

Re:That aside

[Zontar+The+Mindless]

All you need is to look at what happened with those TSA master keys for your luggage.

Not going to post the link again because I've already done so twice in the last few days and I'm not looking to be a karma whore, but just search for something along the lines of "TSA Keys Schneier Security" and you'll find the story quickly enough.