Slashdot Mirror
French Conservatives Push Law To Ban Strong Encryption (dailydot.com)
Patrick O'Neill writes: The French parliament this week will examine a bill that would require tech manufacturers of computers, phones, and tablets to build backdoors into any encryption on the device. The anti-encryption bill is being presented by 18 conservative members of the National Assembly as part of a large "Digital Republic" bill. According to the article, The new French bill briefly praises encryption’s role in protecting user data but immediately pivots to criticizing the effects of strong encryption on state security forces.
"France must take the initiative and force device manufacturers to take into consideration the imperative of access for law enforcement officers, under the control of a judge and only in the case of an investigation, to those devices," the legislation reads, according to a translation by Khalil Sehnaoui, a Middle-East security specialist and founder of Krypton Security. "The goal is to avoid that individual encryption systems delay the advancement of an investigation."
It doesn't matter if the wall you build is thirty feet high and six men can walk abreast if you can kick in a door. The weakest part of a wall is always the gates and these kinds of bills are trying to require extra doors with standardized locks are used. No way this can be abused.
Architectural plans are like computer source code with a couple of differences: You only compile once.
Please note that the conservatives don't have a majority in the Assemblée Nationale, so this law will likely not pass, at least under its current form. But it's also true that PS hasn't been the strongest defender of privacy and personal freedom, they did a few nasty things in the wake of the terror attacks of last year, so who knows exactly what will happen...
You know who else don't like strong encryption? The terrorists.
You have to admit that the terrorists have already won. They've pwn your asses so completely that you're stabbing your own liberty like crazy.
Anybody can encrypt anything. There are hundreds of open source encryption libraries out there.
Preventing hardware manufacturers from building strong encryption into their products accomplishes nothing. Anyone can still encrypt whatever they want.
What this does is expose normal users to security risks, while *doing nothing to prevent any determined user to encrypt whatever the hell they want*
The Paris terrorists used un-encrypted communications repeatedly prior and during the attacks ... so ... ?
Puteulanus fenestra mortis
While water is great at quenching thirst, it also can kill a person if drawn into their lungs. Therefore, we demand that bottled water manufacturers make their water such that it can no longer drown someone.
WIll those be banned?
We used to have these very informative posts about HOSTS files, sometimes more than once per thread.
No, populism. Currently, conservatives ( and also neo-liberals ) thrive on it, here in Europe. Poland even has a conservative-populist government. So does Denmark.
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
Banning strong encryption is like banning strong seat belts.
With software encryption, you'll still be able to do what you want.
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
No, you are exactly wrong. Hindering prosecution is already against the law. By inhibiting the State's ability to examine encrypted evidence you are preventing them from proving your innocence.
Time is what keeps everything from happening all at once.
Yes, please be the guinea pig and backdoor your encryption. Then when your banking system collapses because some idiot leaked the keys, maybe it'll light a lightbulb in governments elsewhere.
- Convince one large-ish nation to ban effective cryptography.
- Monitor incoming and outgoing communications
- Compare the weakly encrypted (decrypted therefore) with the strongly encrypted data.
- Improve your systems to be able to break the strongly encrypted data.
- Government!
deleting the extra space after periods so i can stay relevant, yeah.
...anyone?
Just how easy to crack do these monkeys want it to be so that it won't hamper their investigations?
But it might help the marketplace find room for more open-source devices that can be more easily (less technically) loaded with secure open-source OSs than we have today.
Cheers, Glen
So the French version of the product will be back-doored, and all French commercial, industrial and political secrets will be available worldwide.
You have to admire the insane stupidity of crippling your own security, and then imagining that only France would be able to make use of this crippling of security!
And your enemies and allies somehow don't use it, not because its *secure*, but because of wishful thinking??
I wonder what happens when terrorists gets French backdoor keys, how they will explain that away?! "Home goal" doesn't quite cover it.
UK is to pass a bill so it can demand access to ANY data (its unlimited and unbounded and can include foreign data held by British subsidiaries). So they'll get all these backdoor keys. Finally! France will be UK's bitch! Bend over and suck it France!
Oh and so will every other country that demands the same access, or can spy to get the same access.
Dumb neocons.
You know what, if you want to defeat terrorists, try to not provide them with weapons and political support for a start.
We got these blow back attacks because France has supported terrorism as a geopolitical weapon against Syria, among other state sponsors of terrorism such as Saudi Arabia, Qatar, Turkey and the US.
So don't support terrorism and let Syria defend itself if you don't want terrorism.
Conservatives are for weak borders also, but they call it "free trade". The global economy requires money and services to cross borders in order to function, it is only fair that people can freely move to where the jobs land.
What's this amateurish Cows/Moo stuff?
Sometimes, it's the only thing that's entertaining. Lighten up.
French Conservatives Push Law to Promote Society-Wide Identity Theft
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
This is the same state that sunk the Rainbow Warrior in the port of Auckland in 1985 because they didn't like Greenpeace opposing their nuclear tests. And they want a backdoor on all devices for strong encryption? Lemme think ... no, I'll pass, merci.
The purpose is running scared of the terrorists they imagine lurking within every shadow. They see things in the world only under the context of "Could a terrorist use this against us in any way, shape, or form no matter how unlikely?" If the answer is yes, then the thing must be banned or, at least, highly secured.
For example, the shoe bomber tried unsuccessfully to blow up an airplane with a bomb hidden in his shoe. They are scared that another one might succeed so now we need to remove all shoes when going through airport security. All because one guy tried something and now the guys in charge think someone else might try it too. (Thank goodness they didn't follow the Underwear Bomber with a "get naked in the TSA line" requirement.)
So encryption might be used by businesses and individuals to secure their private transactions in a completely law-abiding fashion, but the people making these laws think one or two people might use encryption for terrorism purposes so the only way to protect us to to ban encryption and weaken us.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Might as well bring back Nazi Germany too.
If you only study the single grain of sand you never see the beach.
All of the things occurring in the MSM you see day to day are not separate isolated incidents that arose organically.
They are parts of the terrifying whole.
"If any question why we died, Tell them because our fathers lied."
..then only criminals will have strong encryption. Why can't idiot politicians see this!? Legislation like this will do ABSOULUTELY NOTHING to prevent terrorism, it will only curb freedom of speech and the real security of honest, law-abiding, non-terrorist citizens!
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
The moo cow posts are usually right on topic, sometimes using knowledge that's inferred from the topic.
My guess is that someone wrote a script to warn him when new threads are making it to the front page. If that person has a desk job it's easy to always post in every thread.
The point is moot because the French president obtained special powers after the attack in Paris until February to enact pretty much any anti-terrorism legislation.
No he didn't.
The state of emergency allows a certain number of police actions to be done on order of a "prefet" (an administrator) rather than a judge:
1. Banning of public gatherings.
2. Search warrants.
3. House arrest.
It lasts 3 months (so its nearly over).
Thats it. Nothing more, no power to pass legislation.
Watch this Heartland Institute video
From some perspectives it's worse now.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
I'm serious. The countries should pass the laws
We live in a society that is ruled by money first. These countries should pass the laws, and the major players in the system (Apple, Google, Samsung, Sony, etc), should simply pull the products out of the country. They would take a hit to the wallet for a VERY short while, but would give those major players a HUGE advertising campaign to run on - "We won't give up your privacy".
Top tier products disappearing alone would piss off the populations in most countries, let alone a giant push to show that the top tier companies are "better" than those countries governments.
The amount of times that SOPA, PIPA, CISPA, ACTA, and OTHER type scenarios keep showing up is silly. If all the major brands left, and we (citizens of any country where the top tier companies would end up leaving) were left with the cheapy, crappy, prone-to-fail other products, the consumers would very quickly notice and take action. Can you imagine if xboxes and ps4's were taken away from stores, if iProducts and samsung products were taken away? Hell, DISABLE the apple, android, xbox, and playstation stores (only in those countries) while your add it - put up a message saying "We won't give up your privacy like your government is requiring us to do. If you want this turned back on, contact your government officials".
The top tier companies are having to pay/waste time/give up advertising space (let alone do their own advertising) against these idiotic laws anyways. Might as well band together under a common good, solidify their positions in the populations minds, and come out as heros in the end.
How can you you make hardware that will automatically backdoor an arbitrary software crypto implementation that has no backdoors. Sure this would make it harder to use conversations in games on PS4 and XBOX1 as a means of talking in secret, but that is about it.
John_Chalisque
So companies would face two paths. One path is that their products must meet French laws or maybe it would be better simply to not offer the products for sale in France. It is obvious that individual nations, usually, must not be in a position of regulating foreign- made devices. Obviously some nations are off the wall, mad dog, crazy. Would you like Somalia determining how your cell phone is built?
They're happy to build in backdoors to all equipment supplied to France.
Seriously, hardware manufacturers could simply put backdoors into equipment destined from France, and depending on the laws where the device is made be obliged to provide access to other governments when required by law. Meanwhile, anyone buying a device elsewhere would still have no backdoor and bring it into France if they want secure communications. Software services would be harder to localize given the ability to use VPNs and the need to use a breakable form of encryption of messages originating outside of France being sent to France. I guess you could decrypt it in France and re-encrypt it with French law complaint cryptology, as well as store a French copy while sending a strong encryption version outside of France; otherwise you need to build into the software a way to recognize messages that originate in France and use the proper tool to decrypt it. That assumes a company wants to maintain strong encryption outside of France.
I'm a consultant - I convert gibberish into cash-flow.
There are people still alive in France who remember European governments that would have used this to spy on political opponents, and track and kill them. One still exists, reborn from a brief democratic interlude.
One should look in the long term and deny government certain powers out of principle. We have lots of evidence of historical democracies disappearing because they needed to have emergency powers (Rome, Greece, 1930s Germany) and zero evidence for long-term survival of them.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Then only terrorists will have secure communication capabilities.
It is easy to hide messages in large photo images and not be able to tell whether there is actually any hidden data in the photo.
Governments think organized criminals & terrorists are stupid.
to help identity thieves gain access to everyone's phones. Because there aren't any criminal organizations that will EVER find these back doors as well, and everyone on the planet is far too moral to exploit mandatory security holes.
...that the set "conservatives" has a relatively small intersection with the set "smart people". How else does one explain the fact that anyone who knows anything at all about encryption and information security (almost exclusively "smart people") knows that back doors such as those being proposed are a colossally bad idea?
Grandparent falsely claims the French President has been given powers due to a terrorist attack and is modded +4 informative.
:( it's only informative if it's what you want to hear...
Parent explains how that is not the case, with sufficient information for anyone to check it and is left at +1.
User moderation at its finest
Why is it that "conservatives" in so many countries have completely lost their minds?
You can, and I would, argue against doing this, but it's still 100x better than what government's are actually asking for and likely going to get.
The government wants to be able to decrypt anything immediately and is willing to force weakpoints into encryption to do it. This makes messages less secure if anyone wants to decrypt them and gives the government the ability to decrypt everything. Requiring disclosure of passwords in court provides a number of benefits (vs that terrible system): The courts may not do everything the government wants, you can always refuse (lets say if people you care about could be harmed if disclosed), and the encryption remains strong meaning your messages are more secure against other attackers.
Ils sont fous, ces Français....
no, I don't have a sig
The British and French are reported to have pushed for weak encryption in cellular phones (A5/1 and A5/3) to make snooping easier for law enforcement. http://www.aftenposten.no/nyheter/uriks/Sources-We-were-pressured-to-weaken-the-mobile-security-in-the-80s-7413285.html.
Apparently, these governments didn't want to bother with having to serve warrants to telephone companies... Which would require, you know, legal warrants. So we ended up with 54-bit encryption (A5/1) when the engineers involved were pushing for 128.
So what happened?
What virtually everyone here will already have guessed: The back doors left for convenient government snooping made it easy for *anyone* to snoop, effectively rendering the encryption worthless. (http://www.infosecurity-magazine.com/news/3g-encryption-cracked-in-less-than-two-hours/.
Modular arithmetic is not a crime. If you make it one, French law will suddenly sit in conflict with privacy laws around the world *and in France*. And will it be illegal to transmit random bits? What about SSL?
Idiots.
Lets assume the French get the phone manufacturer to put a backdoor, the UK will surely want that. So is the US. I assume control-freak China will want that too. After that all countries will have their own backdoor with their thousands of operator who have access to that.
Encryption is just math, attempting to legislate math is like tying to legislate gravity or the speed of light.
XML is a known as a key material required to create SMD: Software of Mass Destruction
Appropriate quote from Politico on the US presidential campaign candidate:
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
And some buthurt moderator mods N1AK offtopic for pointing that out.
Watch this Heartland Institute video
When today's dumbfuck generation tries trolling and all you can do is facepalm...
Someone cue the face palming cows please...
or would that be face hoofing cows?
Because that would have to really hurt...
I have to stop now, I've run out of ellipses,,,
You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
The only problem with your analysis is that currently, the false grandparent is at +1 Informative, and the correcting parent is at +4 Informative.
Slashdot definitely has big problems with its moderation system, but this doesn't look like one of them. Of course, we could also argue that your post pointing out this stupidity is what shined light on this particular instance and it got corrected quickly as a result.
But I'll say it again, as I've complained countless times before: the "feature" where you can't post in any discussion where you moderate is utterly stupid, and as a result, I simply never moderate at all.
Might as well bring back Nazi Germany too.
Or Nazi UK. Where, if they ask you for the password and you refuse you can go to jail until you agree.
In the free world the media isn't government run; the government is media run.
The major problem is that most of the markets don't actually care about privacy in these contexts. Your standard iPhone user wouldn't know privacy from their privates.
Yes, everyone agrees that losing privacy is bad, but rarely does anyone know what that entails except for a relatively small informed group.
Patience is a virtue.
Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
Only outlaws will have encryption. And you won't be able to recognize it as such, it'll come in the form of steganography, or code talking that looks like mundane communications. The whole anti-encryption thing is a boondoggle, and only helps to catch the low-hanging fruit, that which is too stupid to even try to cover their tracks. And that's even if they have the time and energy to scan every piece of data for that low hanging fruit, to find the needles in the haystacks. The recent attackers in France weren't even using encryption, and they weren't able to prevent the attacks. Banning encryption isn't going to change that.
This is just a few conservatives sponsoring a bill. How many times have we been laughed at for Pi = 3 or teaching the Fred Flintstone theory of evolution.
Have gnu, will travel.
And Godwin's law is yet again validated. https://en.wikipedia.org/wiki/...
How so? As long as it is actually on topic and appropriate, such as now talking about totalitarian ideologies, it is not Godwins law. To quote your link,
https://en.wikipedia.org/wiki/Inverted_totalitarianism
And now grandparent doesn't exist, and parent is +5 informative in response to a nonexistent comment. This is bullshit.
Please do! Don't hesitate, can we somehow support you?
France bugs out of the data center business and pretty much nixes its cloud storage industry. If only some other European countries could follow, we could become the data center of Europe!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Which terrorists will this stop? The cats out of the bag on strong encryption. You can force every hardware manufacturer to sell machines pre-installed with weak encryption, and nothing stops terrorists (or anybody) from replacing this software with strong encryption. You can't stop the spread of strong encryption because it's math.
The best you can hope for is to mandate that every citizen allow you to read their personal data, and hope that the ones that refuse are the terrorists.
And even if that somehow magically works, you can be congratulated for turning a first world country into a shithole just like where terrorists come from, and you can start breeding homegrown terrorists angry at the totalitarian regimes they are oppressed by.
Another problem is that we can;t read minds yet. Terrorists could be holding all sorts of secrets that they haven't stored in digital files or on paper. Maybe we should pass a law mandating that brains come with weak encryption and band whispering.
I agree moderating a reply to you or yourself should not be allowed, or possibly someone you replied to. But just because made post in a story shouldn't stop you moderating I generally read post in articles that I am interested in so it severely limits the moderation I can do. Also I think you should be able to change a moderation, I you read a post and think it is valid and then good counter argument is presented you should be able to change your mind.
You think? Given all the negative mods every post in this particular thread has gotten?
"France must take the initiative and force device manufacturers to take into consideration the imperative of access for law enforcement officers"
No, fuck law enforcement officers in this regard.
They exist to serve and protect the citizens, but all government agencies everywhere have forgotten this...
France must take the initiative and force device manufacturers to take into consideration the imperative of access for law enforcement officers, under the control of a judge and only in the case of an investigation, to those devices.
The only problem is that there is no such thing. Asking for government-only access to decryption is like asking for government-only access to perpetual motion, you know, in case we run out of power from other sources.
https://www.eff.org/https-everywhere
This just in......French Conservatives Push Law To Make Pi Equal to 3.0
Next up, French Conservatives Push Law To Make Kids Turn That Darn Music Down
French Conservatives Push Law To Stop People From Thinking Bad Thoughts
Just cruising through this digital world at 33 1/3 rpm...
about this proposed French law.
d9gtj3ld9g73jgljtgud;4gh0y0jjokdgs.dd954kqfakva
Where are we going and why are we in a handbasket?
The problem is that it's not fine-grained enough. You shouldn't be able to down-mod a reply to your post, but you should be able to moderate posts in completely different threads for the same article. SoylentNews allows this (and uses Slashcode, so it's not like it can't be done here).
or, at least, highly secured.
Or in this case, made so insecure as to be useless!
With the bonus of completely ignoring the fundamental fact that anybody with a bit of skill can write their own encryption software. Its not that hard if you have a good book on the subject and some programming knowledge -- at least not to make a simple chat app or whatever. Integrating your personal encryption scheme with popular websites/apps/devices is another question of course, but if all you're looking for is purely the ability to pass secure commands to your subordinates.. its pretty easy.
A Muzzie w/ mod points! That explains it all
Generalization. This American Republican thinks that strong encryption is a right, and that backdoors for anyone's use violate basic principles. There is a reasonably large faction within the MN GOP that certainly agrees with me, but Slashdot might not hear from them.
"There is no god but allah" - well, they got it half right.
Once the payment systems make their case, the bill will die. And it will die when people get into encrypted databases because someone in the government allowed the key and knowledge to backdoors to become common knowledge.
Leslie Satenstein Montreal Quebec Canada
But then you can just built automatic analyzers and flag anyone using the strong stuff.
Explosives can also be carried in rectum or vagina. But otherwise as a nudist, I'm all for it.
It's "well-regulated militia", and SCOTUS has already ruled that it's the second part that's more important, and of particular interest in firearms ownership and carry. Consider this: would that there were actual armed citizens present, with appropriate training, would 9/11 have been able to happen?
Mods: kill both this and parent, we're off-topic.
I think you hit the nail on the head with your "planting it" comment. There's no available computer power to search all the data in realtime, only to sift through it after the fact. Thus, it becomes all about catching someone after the fact rather than catching them before something happens. With such a system ripe for abuse, it becomes trivial to invent a crime where none may have existed so as to dispose of "undesirables." It's already been mentioned somewhere that surveillance is reaching for ever-more encroaching levels, but to what extent? What does the government hope to achieve?
I think they've seen the writing on the wall, that sooner or later our shaky systems of finance and employment are on the verge of a massive correction in the form of a significant crash, and they're hoping that by enslaving us all they can ensure their survival in the face of a massive public uprising, but that's just between you, me, and the microphone-laden wall. It won't work, never has, and likely never will. All that this will ultimately succeed in doing is guaranteeing a much harder swing-back of the pendulum when things finally do let go.
Dear Business person ; We know you are interested in . , .
receiving amazing news . We will comply with all removal
requests . This mail is being sent in compliance with
Senate bill 1623 , Title 3 , Section 305 ! Do NOT confuse
us with Internet scam artists . Why work for somebody
else when you can become rich within 26 months . Have
you ever noticed how long the line-ups are at bank
machines and the baby boomers are more demanding than
their parents . Well, now is your chance to capitalize
on this ! WE will help YOU turn your business into
an E-BUSINESS plus deliver goods right to the customer's
doorstep . You are guaranteed to succeed because we
take all the risk . But don't believe us ! Prof Ames
who resides in Alaska tried us and says "Now I'm rich,
Rich, RICH" ! We assure you that we operate within
all applicable laws . We implore you - act now ! Sign
up a friend and your friend will be rich too . Thanks
. Dear Cybercitizen ; This letter was specially selected
to be sent to you ! We will comply with all removal
requests . This mail is being sent in compliance with
Senate bill 2416 , Title 9 ; Section 305 . This is
a ligitimate business proposal . Why work for somebody
else when you can become rich as few as 30 weeks
Have you ever noticed nobody is getting any younger
and more people than ever are surfing the web ! Well,
now is your chance to capitalize on this ! WE will
help YOU turn your business into an E-BUSINESS and
increase customer response by 130% ! The best thing
about our system is that it is absolutely risk free
for you ! But don't believe us . Ms Ames of South Dakota
tried us and says "I was skeptical but it worked for
me" ! We are licensed to operate in all states ! You
have no reason not to act now . Sign up a friend and
you get half off . Thanks . Dear Cybercitizen , Thank-you
for your interest in our publication . If you no longer
wish to receive our publications simply reply with
a Subject: of "REMOVE" and you will immediately be
removed from our mailing list . This mail is being
sent in compliance with Senate bill 2616 ; Title 8
, Section 301 ! Do NOT confuse us with Internet scam
artists ! Why work for somebody else when you can become
rich inside 62 months . Have you ever noticed how long
the line-ups are at bank machines and nobody is getting
any younger ! Well, now is your chance to capitalize
on this . WE will help YOU deliver goods right to the
customer's doorstep and sell more . You can begin at
absolutely no cost to you ! But don't believe us !
Mrs Jones who resides in Washington tried us and says
"I was skeptical but it worked for me" ! This offer
is 100% legal . For the sake of your family order now
! Sign up a friend and you get half off ! Thank-you
for your serious consideration of our offer ! Dear
Friend ; Especially for you - this red-hot intelligence
! We will comply with all removal requests . This mail
is being sent in compliance with Senate bill 1624
Title 4 , Section 307 ! This is NOT unsolicited bulk
mail . Why work for somebody else when you can become
rich as few as 72 WEEKS ! Have you ever noticed nobody
is getting any younger plus nobody is getting any younger
. Well, now is your chance to capitalize on this
We will help you deliver goods right to the customer's
doorstep & use credit cards on your website ! You can
begin at absolutely no cost to you ! But don't believe
us . Prof Jones of Alaska tried us and says "My only
problem now is where to park all my cars" . We are
licensed to operate in all states ! Don't delay - order
today . Sign up a friend and you get half off ! Thank-you
for your serious consideration of our offer ! Dear
Decision maker ; Especially for you - this amazing
news ! If you no longer wish to receive our publications
simply reply with a Subject: of "REMOVE" and you will
immediately be removed from our mailing list . This
mail is being
Comparing a modern, (relatively) liberal democracy like the USA to the genocidal Nazi fascist regime isn't Godwin's law?