Slashdot Mirror

← Back to Stories (view on slashdot.org)

Paris Attacks Would Not Have Happened Without Crypto (arstechnica.com)

Posted by timothy on from the don't-you-love-children? dept.

An anonymous reader writes with a story at Ars Technica, citing a Yahoo News interview, that National Security Agency Director Michael Rogers has explicitly blamed the terrorist attacks which struck Paris last November on communications backed by strong crypto. From the article: Because of encrypted communications, he said, "we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened." Rogers did not explicitly re-launch the campaign waged by FBI director James Comey to force technology companies to provide a "golden key" to encrypted communications. Rogers called encryption "foundational to our future" and added that arguing over encryption backdoors was "a waste of time." But he did say that encryption was making the job of the NSA and law enforcement more difficult. The interview comes shortly after the FBI won an order requiring Apple to provide technical means to bypass the security measures preventing them from unlocking the iPhone 5C belonging to Syed Rizwan Farook. Farook, along with his wife, are responsible for the December mass shooting in San Bernardino, California."

27 of 521 comments (clear)

  1. Not this old info again by Anonymous Coward · · Score: 5, Insightful

    They keep trying, however the true fact remains no encryption was used by these terrorists.

    1. Re:Not this old info again by alphatel · · Score: 5, Insightful

      They keep trying, however the true fact remains no encryption was used by these terrorists.

      Nor would it have helped prevent 9/11. Encryption is nothing. Intelligence and cooperation are everything.

      --
      When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
    2. Re:Not this old info again by Thud457 · · Score: 5, Insightful

      liar caught lying again.

      Hey NSA, &other FED LEOs - don't destroy the infrastructure of the world economy with your abject incompetence. You can't even effectively make use of the encrypted data you already collect.

      --

      the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    3. Re:Not this old info again by Anonymous Coward · · Score: 5, Insightful

      That's beside the point anyway. It doesn't fucking matter. If they had used encryption, would we start falling over ourselves to give the government back doors? No. The discussion shouldn't be about whether or not they used encryption. Part of me thinks that they keep repeating this shit over and over so that when we do get an attack in which the attackers use encryption (yeah, I'm intentionally avoiding all forms of the word "terror"), that will already be the frame of the discussion and we'll have to backpedal to get back to the "it doesn't fucking matter" that we should have been stressing in the first place.

    4. Re:Not this old info again by d4fseeker · · Score: 5, Insightful

      While I do agree with you, it's basically the same point underneath. Proving that attacks without encryption could not be stopped shows that encryption does not really matter in the first place. And as such we've landed on your standpoint. What some political dimwits are not getting is that no trained attacker would be stupid enough to make the information publicly available. Be it through encryption, obscurity or just by having the plans drain in the sea of useless information surrounding it... there are always methods of getting something done in secrecy.

    5. Re:Not this old info again by Anonymous Coward · · Score: 2, Insightful

      If there was encryption and it was the only thing standing in the way of preventing the attacks then it would imply 2 things:

      1. The people who carried out the attacks were known to the intelligence community and their communications were being intercepted.
      2. The intelligence community knew that suspected terrorists were communicating with each other using secure communications.

      This would mean that the intelligence officials knew that something was going on and who was involved but lacked the details. To suggest that they had no other means of investigating or collecting information about suspected terrorists is a blatant lie. If it is indeed true then it would show incompetence. It would imply they they suspected something bad was going to happen but did nothing because they couldn't do the intelligence gathering from their computers and refused to go out and physically do their jobs. If they are too fat and lazy to leave their computer screens and protect people then they are incompetent and should be fired.

    6. Re: Not this old info again by ZeroWaiteState · · Score: 4, Insightful

      Of course I have skin in the game, but flavor-of-month Jihad organization isn't the only threat in my threat model, and recent revelations have been pretty clear about one thing: the increased desire for "insights" is only about 5% concerned with terrorism as a criminal matter and 95% concerned with other authorized purposes and objectives, which chiefly involve affecting geopolitical change. That's why we bug Merkel's phone, even though she's not a terrorist. The "before it's too late" argument was used to justify massive nuclear armament during the Cold War, and instead of making everyone safer, it came very close to extinguishing civilization on this planet. We're in a similar arms race now, only its on smart devices instead of warheads (at least for now). If you want your kids to grow up in a world where everyone is afraid their kitchen appliances may decide one day to kill them, then please continue support for militarizing consumer goods.

  2. Wait... by 93+Escort+Wagon · · Score: 5, Insightful

    I thought the reason the French police were able to find the attacker's apartments, accomplices, and so on very quickly was because the attackers used regular unencrypted methods of communication, such as SMS?

    --
    #DeleteChrome
    1. Re:Wait... by mellon · · Score: 4, Insightful

      Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.

    2. Re:Wait... by Feral+Nerd · · Score: 5, Insightful

      Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.

      But it's so much easier to throw cash, guns and draconian prison sentences at a problem than tackling the root cause? I mean, just take one look at how successful the war on drugs has been!!!

    3. Re:Wait... by Anonymous Coward · · Score: 1, Insightful

      But it's so much easier to throw cash, guns and draconian prison sentences at a problem than tackling the root cause? I mean, just take one look at how successful the war on drugs has been!!!

      Indeed! Very beneficial to the prison industry.

  3. Bollocks by some+old+guy · · Score: 5, Insightful

    Mohammed Atta et al weren't using encrypted communications, just AOL and flip phones. Yet the TLA's totally screwed the pooch on 9/11.

    A .125 batter can't keep blaming the bat forever.

    --
    Scruting the inscrutable for over 50 years.
    1. Re:Bollocks by Dutch+Gun · · Score: 4, Insightful

      It amazes me that most American still believe their government's official story of 9/11. Elsewhere in the world, people generally accepted the US government blew up their own buildings.

      Yeah, it's not like we saw terrorists fly planes into buildings on almost-live TV or anything. And it's not like we saw the government drop a collective load when it happened, generally looking like idiots for not being able to sniff out the plot or stop them despite plenty of warning signs. It's not like we heard first-hand from very brave eyewitnesses that tried to commandeer a fourth plane that was likely destined to hit the white house or capitol building. And it's not like any terrorists organizations claimed credit for the attack.

      I think the most damning bit of counter-evidence is the fact that it would require some crazy level of competence and cunning to successfully pull off the most audacious false flag operation in the history of humankind. That doesn't remotely begin to describe the federal government I know.

      I mean, hell, they can't even hack into a locked iPhone.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    2. Re:Bollocks by gstoddart · · Score: 4, Insightful

      Fun fact; In the entire history of modern skyscrapers there have only been three situations where a building has collapsed into it's own foot print as a result of a fire.

      Yeah, and just how many other buildings have had a fully loaded airliner full of fuel go crashing into them as the start of that fire?

      What's that? None?

      Sorry, but the giant holes caused by the crashing planes and the sustained fire from a full load of fuel is pretty different from any other building fire ever.

      Watching an airplane fly into the building and then cause the fire is very different from anything else ... I was watching live, and I aint no engineer, but I turned to someone and said "this building is going to collapse any time now" ... the mechanical damage and fire left an awful lot of structure with an ever-decreasing amount of support.

      So, tell me, in the entire history of modern skyscrapers ... exactly how many have had airliners crash into them?

      --
      Lost at C:>. Found at C.
  4. Crypto? by meta-monkey · · Score: 3, Insightful

    The Paris attacks wouldn't have happened without crypto? That's a funny way to spell "Islam."

    --
    We don't have a state-run media we have a media-run state.
    1. Re:Crypto? by Limburgher · · Score: 2, Insightful

      The Paris attacks wouldn't have happened without crypto? That's a funny way to spell "Religious Extremism."

      TFTFY

      --

      You are not the customer.

    2. Re:Crypto? by Anonymous Coward · · Score: 5, Insightful

      The Paris attacks wouldn't have happened wihtout fanatism, extremist religions, guns, cars, street, stupidity, breathing, reproduction, the big bang and maybe good wine.

    3. Re:Crypto? by ganjadude · · Score: 5, Insightful

      pretty sure it was islam in this case.... lets stop pretending that christians, buddists and hindus are out there blowing up buildings and mass shooting people (in the name of their religion) on a literal daily basis

      --
      have you seen my sig? there are many others like it but none that are the same
    4. Re:Crypto? by Gr8Apes · · Score: 3, Insightful

      That's true, and guess who stopped them? Let's see the rest of the Muslim world actively target their own extremists. Currently I see little, ok, no meaningful action and even tacit or open support under the guise of the "enemy of my enemy is my friend" line of thinking. Perhaps this impression is why so many equate Islam with the extremist terrorists?

      Religion itself is a problem, in any guise. All religions have had their followers commit atrocities. Even buddhists who claim to revere life and peace as the core of their religion have killed and tortured in the name of their religion. Religion is a dividing force in society, and no peace will be had as long as religion exerts strong influences over people.

      --
      The cesspool just got a check and balance.
    5. Re:Crypto? by meta-monkey · · Score: 4, Insightful

      This is the classic marxist failure to understand human nature. Marx reduced all struggle to class struggle. Race doesn't matter! Only class. Sex doesn't matter! Only class. Religion just fools people into failing to realize their class consciousness!

      No. All of these things matter to people. "Economic marginalization" does not explain Islamic terror, since lots and lots of Islamic terrorists are not marginalized. Bin Laden was rich. The San Bernardino shooter had a comfy government job. Brits, Canadians, Americans and Australian middle class muslims all signed up for ISIS. Many of the Paris attackers were second generation immigrants.

      The truth is very simple: religion matters to people, and Islamic terrorists kill because they believe Allah wants them to kill. At its creation 1400 years ago Islam declared war on the world and it absolutely will not stop until it is defeated or victorious. It is just that simple and just that horrifying. Pretending you can buy them off with jobs and benefits is wishful thinking. Suicidally dangerous wishful thinking.

      --
      We don't have a state-run media we have a media-run state.
  5. Re:Haven't we already debunked this? by mujadaddy · · Score: 4, Insightful

    Repeating it again and again doesn't make it true.

    Unfortunately, this is not accurate.

    --
    Populus vult decipi, ergo decipiatur...
    "Force shits upon Reason's back." - Poor Richard's Almanac
  6. Headline by wonkey_monkey · · Score: 5, Insightful

    Paris Attacks Would Not Have Happened Without Crypto

    That should really have been put in quotes to make it clear that this is what some guy is saying, and not anything remotely approaching a fact.

    And even if technically true, the implications behind the making of the statement should probably be taken with a pinch of salt.

    --
    systemd is Roko's Basilisk.
  7. Re:This is a bold headline by Pseudonymous+Powers · · Score: 4, Insightful

    For some reason, the editors took the "NSA Director Says" part off the front of the original headline. I'm not sure why they'd do that. Maybe they wanted to increase the percentage of people who would actually read the article, since many of us have learned to stop paying attention whenever we see the words "NSA Director says", because what comes after that is always complete nonsense.

  8. We Can't Ever Fix This by Bruce+Perens · · Score: 3, Insightful
    The encryption that criminals are using now is the kind that we can break. If we insist on putting back-doors in it, they will move to the one-time-pad, which we can't ever break if it is used properly. To explain why, have your friend make a coin flip and keep whether it's heads or tails secret from you. Now, write a computer program to tell you what the coin flip was :-)

    The one-time pad is 1000 times simpler than public-key encryption and trivial to put in an app.

    --
    Bruce Perens.
  9. Re: And this is why Republicans... by jedidiah · · Score: 3, Insightful

    They don't need to "hide" anything. You're failing to acknowledge the scale of the problem. You simply can't watch everyone. Trying to do so is a fool's errand.

    Ultimately the only thing you will do is compromise everyone else's security.

    The idea that they could have stopped it if only they could have spied on more people is a moronic, innumerate, fantasy.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  10. It will happen by Sloppy · · Score: 5, Insightful

    It will happen someday, though.

    A terrorist will buy a set of Star Trek steak knives over eBay and they'll use HTTPS to transmit their eBay password. A future terrorist will lock the door of their house (why are these people even allowed to have locks, anyway?) and his wife will plaintext email him, "Did you lock the house? Remember, we're going to that party right after work tonight," and he'll say "quit telling all the snoops on the Internet which days our house has no one home," and they'll start encrypting their personal conversations. And that'll be that: they'll be encryption users too, just like the rest of us.

    Some day, a terrorist is going to use a motor vehicle to travel from their home to the site of their terror.

    Some day, a terrorist will use an alarm clock, instead of the sun, to get up at the correct time.

    We need to face the facts: technology is bad. Anything that empowers humanity, can be used by humanity in the service of bad things. Power is bad. Capability is bad. Failing to starve when the gods wants you to starve is bad, and being immune to smallpox is bad and is why the gods have to invent new ones, like AIDS. It's time to end this nonsense of technology, and go back up into the trees. Because the apes in the trees never do anything bad to one another.

    The reason I know that apes never try to harm one another, is because I carefully cultivate shocking ignorance about anthro-- er I mean -- zoology -- no, wait -- I mean biology since plants also do ev-- no wait: game theory. Well, I mean, statistics. I try to remain ignorance of mathematics and everything which stands upon or can be modelled by mathematics.

    And you can too. Join me in giving a fuck about whether or not bad people use the same technology as good people.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  11. Re: And this is why Republicans... by Locke2005 · · Score: 4, Insightful

    100% agree, This statement appears to be based on the assumption that criminals are too stupid to implement their own one-time pad encryption system. 100% secure encryption has been possible for hundreds of years... criminals only use commercially available solutions because they are easily available, cheap, and easy. I also get a "methinks the maiden doth protest too much" feeling regarding all the whining about Apple not unlocking a phone for the FBI. If the NSA already had a way of unlocking iPhones, wouldn't they being doing everything in their power to convince criminals it was 100% secure? Lure them into a false sense of security then monitor all their data via a remote hack would be the fed's wet dream.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.