Paris Attacks Would Not Have Happened Without Crypto

An anonymous reader writes with a story at Ars Technica, citing a Yahoo News interview, that National Security Agency Director Michael Rogers has explicitly blamed the terrorist attacks which struck Paris last November on communications backed by strong crypto. From the article: Because of encrypted communications, he said, "we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened." Rogers did not explicitly re-launch the campaign waged by FBI director James Comey to force technology companies to provide a "golden key" to encrypted communications. Rogers called encryption "foundational to our future" and added that arguing over encryption backdoors was "a waste of time." But he did say that encryption was making the job of the NSA and law enforcement more difficult. The interview comes shortly after the FBI won an order requiring Apple to provide technical means to bypass the security measures preventing them from unlocking the iPhone 5C belonging to Syed Rizwan Farook. Farook, along with his wife, are responsible for the December mass shooting in San Bernardino, California."

Not this old info again

They keep trying, however the true fact remains no encryption was used by these terrorists.

Re: Not this old info again

[Jason+Levine]

They used the incidious ROT-26 encryption. How are police expected to bypass that?!!!

Re:Not this old info again

[alphatel]

They keep trying, however the true fact remains no encryption was used by these terrorists.

Nor would it have helped prevent 9/11. Encryption is nothing. Intelligence and cooperation are everything.

Re:Not this old info again

[Thud457]

liar caught lying again.

Hey NSA, &other FED LEOs - don't destroy the infrastructure of the world economy with your abject incompetence. You can't even effectively make use of the encrypted data you already collect.

Re:Not this old info again

That's beside the point anyway. It doesn't fucking matter. If they had used encryption, would we start falling over ourselves to give the government back doors? No. The discussion shouldn't be about whether or not they used encryption. Part of me thinks that they keep repeating this shit over and over so that when we do get an attack in which the attackers use encryption (yeah, I'm intentionally avoiding all forms of the word "terror"), that will already be the frame of the discussion and we'll have to backpedal to get back to the "it doesn't fucking matter" that we should have been stressing in the first place.

Re:Not this old info again

[d4fseeker]

While I do agree with you, it's basically the same point underneath. Proving that attacks without encryption could not be stopped shows that encryption does not really matter in the first place. And as such we've landed on your standpoint. What some political dimwits are not getting is that no trained attacker would be stupid enough to make the information publicly available. Be it through encryption, obscurity or just by having the plans drain in the sea of useless information surrounding it... there are always methods of getting something done in secrecy.

Re: Not this old info again

[ichthus]

Well, ultimately, he was Brute forced to die.

Re:Not this old info again

[Vlad_the_Inhaler]

Actually, their lies go far deeper than that. The terrorist group involved have a glossy color magazine called Dabiq. Apparently that magazine carried an interview with the leader of the Brussels / Paris cell where he announced that he was planning to hit Paris. Several months before the attacks. I wonder if any of the secret services read the thing, it is in English.

Re: Not this old info again

[Victor_0x53h]

Terrible. I've never wanted mod someone down for a joke before.

Re:Not this old info again

It appears that your first link is regarding a different Mike Rogers - Representative Mike Rogers from Michigan, whereas the gentleman in the article linked in the story is Vice Admiral Mike Rogers, NSA Director.

Its confusing that there are 2 prominent political representatives named Mike Rogers as well as the director of the NSA, and that at lest 2 of the 3 are talking about crypto issues, but to keep the lines clear and make proper arguments, particularly about the veracity of someone's statements, its best to be clear on the facts.

Re: Not this old info again

Caesar's assassins used the ET-2 scheme.

Re:Not this old info again

[Hognoxious]

Just to add to the confusion, there's another one from Alabama.

https://en.wikipedia.org/wiki/...

Someone needs to put a stop to all this shit.

Re: Not this old info again

[Locke2005]

I always do ROT13 twice, to be doubly secure!

Re:Not this old info again

[Solandri]

It's not quite that simple. There's an apocryphal story that right after the Cold War ended, senior officials from the KGB and CIA met one night for drinks and got to talking about their espionage exploits. The CIA people said how easy it must've been for the KGB to infiltrate an open society like the U.S. Able to blend in with the population, travel freely, and get access to documents while posing as regular citizens. The KGB people said on the contrary it was extraordinarily difficult. While the U.S. secrets were mostly all out there, they were mixed in with an ocean of tabloid and conspiracy publications an open society produces. They had to waste tremendous resources trying to figure out of that National Enquirer story about the U.S. having captured aliens and their UFO was made up, or if there really was some truth behind it.

That's what you have to deal with with open publications. Yeah western inellignece can read Dabiq. But ISIS also knows that they can read it. Thus it becomes a perfect platform for feeding western intelligence agencies disinformation. Anything that's openly published that way has to be taken with a huge grain of salt unless it's corroborated by other intelligence. The reason why intelligence agencies are so desperate to break crypto is because if you're encrypting something, you're presumably doing so because it contains information you don't want foreign intelligence agencies to read. Thus it is precisely the type of stuff intelligence agencies want to be able to read.

That's not to say we should roll over and let NSA put backdoors in everything. If they get that, then ISIS knows and can start poisoning their encrypted communications with disinformation, while pulling their real communication behind a higher level of encryption. No, in order for what the NSA wants to work, they would have to insert backdoors but also keep those backdoors secret from the public. My best guess is the western intelligence agencies are raising the spectre of backdoors in encryption software they know they can't break, in the hopes it scares groups like ISIS into using different encryption tools. Perhaps ones they can already break. Or maybe ISIS will try to write their own encryption software, which is notoriously difficult and can easily result in flaws which can be exploited by intelligence agencies to help them crack it.

Re:Not this old info again

[pregister]

They should be signing their comments and press releases with a PGP key to avoid confusion.

Re: Not this old info again

[ZeroWaiteState]

Of course I have skin in the game, but flavor-of-month Jihad organization isn't the only threat in my threat model, and recent revelations have been pretty clear about one thing: the increased desire for "insights" is only about 5% concerned with terrorism as a criminal matter and 95% concerned with other authorized purposes and objectives, which chiefly involve affecting geopolitical change. That's why we bug Merkel's phone, even though she's not a terrorist. The "before it's too late" argument was used to justify massive nuclear armament during the Cold War, and instead of making everyone safer, it came very close to extinguishing civilization on this planet. We're in a similar arms race now, only its on smart devices instead of warheads (at least for now). If you want your kids to grow up in a world where everyone is afraid their kitchen appliances may decide one day to kill them, then please continue support for militarizing consumer goods.

Wait...

[93+Escort+Wagon]

I thought the reason the French police were able to find the attacker's apartments, accomplices, and so on very quickly was because the attackers used regular unencrypted methods of communication, such as SMS?

Re:Wait...

[postbigbang]

You succumbed to that propaganda, too, eh?

Oops, I mean the truth.

Re:Wait...

[mellon]

Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.

Re:Wait...

[Feral+Nerd]

Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.

But it's so much easier to throw cash, guns and draconian prison sentences at a problem than tackling the root cause? I mean, just take one look at how successful the war on drugs has been!!!

Bollocks

[some+old+guy]

Mohammed Atta et al weren't using encrypted communications, just AOL and flip phones. Yet the TLA's totally screwed the pooch on 9/11.

A .125 batter can't keep blaming the bat forever.

Re:Bollocks

[bkr1_2k]

What you believe isn't necessarily what is "generally believed" anywhere in the world, USA or otherwise. I have been on 3 different continents since 9/11 and talked to literally thousands of people and not one person (who used logic in any other part of their lives) has indicated they have any belief that the US government was behind those attacks. The only people I've ever seen indicate that are "anti-establishment" types who are either seriously strung out on drugs (or were at one point) or are proponents of anarchy. I've never met a single person who presented reasonable evidence (not hearsay) to support the claim that the US government did it. The talk of jet fuel burning temperature and melting point of steel and all that other nonsense is demonstrably proven false every single time. Every single bit of "evidence" to show the government did this. Now, tell me they knew something was going to happen and failed to act and I'd believe that in a heartbeat.

Re:Bollocks

[Dutch+Gun]

It amazes me that most American still believe their government's official story of 9/11. Elsewhere in the world, people generally accepted the US government blew up their own buildings.

Yeah, it's not like we saw terrorists fly planes into buildings on almost-live TV or anything. And it's not like we saw the government drop a collective load when it happened, generally looking like idiots for not being able to sniff out the plot or stop them despite plenty of warning signs. It's not like we heard first-hand from very brave eyewitnesses that tried to commandeer a fourth plane that was likely destined to hit the white house or capitol building. And it's not like any terrorists organizations claimed credit for the attack.

I think the most damning bit of counter-evidence is the fact that it would require some crazy level of competence and cunning to successfully pull off the most audacious false flag operation in the history of humankind. That doesn't remotely begin to describe the federal government I know.

I mean, hell, they can't even hack into a locked iPhone.

Re:Bollocks

[gstoddart]

Fun fact; In the entire history of modern skyscrapers there have only been three situations where a building has collapsed into it's own foot print as a result of a fire.

Yeah, and just how many other buildings have had a fully loaded airliner full of fuel go crashing into them as the start of that fire?

What's that? None?

Sorry, but the giant holes caused by the crashing planes and the sustained fire from a full load of fuel is pretty different from any other building fire ever.

Watching an airplane fly into the building and then cause the fire is very different from anything else ... I was watching live, and I aint no engineer, but I turned to someone and said "this building is going to collapse any time now" ... the mechanical damage and fire left an awful lot of structure with an ever-decreasing amount of support.

So, tell me, in the entire history of modern skyscrapers ... exactly how many have had airliners crash into them?

Crypto?

[meta-monkey]

The Paris attacks wouldn't have happened without crypto? That's a funny way to spell "Islam."

Re:Crypto?

The Paris attacks wouldn't have happened wihtout fanatism, extremist religions, guns, cars, street, stupidity, breathing, reproduction, the big bang and maybe good wine.

Re:Crypto?

[ganjadude]

pretty sure it was islam in this case.... lets stop pretending that christians, buddists and hindus are out there blowing up buildings and mass shooting people (in the name of their religion) on a literal daily basis

Re:Crypto?

[TigerNut]

Your goggles are on too tight... you don't have to look very far back in time to find the IRA and other Christian groups doing their thing. Remember also the Tokyo ricin attacks? That was some local cult. How about David Koresh and Jim Jones?

Re:Crypto?

[Gr8Apes]

That's true, and guess who stopped them? Let's see the rest of the Muslim world actively target their own extremists. Currently I see little, ok, no meaningful action and even tacit or open support under the guise of the "enemy of my enemy is my friend" line of thinking. Perhaps this impression is why so many equate Islam with the extremist terrorists?

Religion itself is a problem, in any guise. All religions have had their followers commit atrocities. Even buddhists who claim to revere life and peace as the core of their religion have killed and tortured in the name of their religion. Religion is a dividing force in society, and no peace will be had as long as religion exerts strong influences over people.

Re:Crypto?

[DRMShill]

I beg to differ: http://www.theonion.com/articl...

Re:Crypto?

[meta-monkey]

This is the classic marxist failure to understand human nature. Marx reduced all struggle to class struggle. Race doesn't matter! Only class. Sex doesn't matter! Only class. Religion just fools people into failing to realize their class consciousness!

No. All of these things matter to people. "Economic marginalization" does not explain Islamic terror, since lots and lots of Islamic terrorists are not marginalized. Bin Laden was rich. The San Bernardino shooter had a comfy government job. Brits, Canadians, Americans and Australian middle class muslims all signed up for ISIS. Many of the Paris attackers were second generation immigrants.

The truth is very simple: religion matters to people, and Islamic terrorists kill because they believe Allah wants them to kill. At its creation 1400 years ago Islam declared war on the world and it absolutely will not stop until it is defeated or victorious. It is just that simple and just that horrifying. Pretending you can buy them off with jobs and benefits is wishful thinking. Suicidally dangerous wishful thinking.

[Citation Needed]

[thomas.galvin]

Bullshit. The Paris attackers did not use encrypted communications.

Was this an intelligence failure? Possibly. Was it an intelligence failure due to a lack of backdoors and/or laws against cryptography? Absolutely not.

I blame the Automotive Industry

[bigdady92]

because how else could the attackers have been in so many places at once. Magic? Jet Packs?!?!? Why it's the Car's that they drove to those locations that enabled them to murderate all those people. If we would just get rid of all cars in Paris this would never happen again.

Hello Pinocchio

[oh_my_080980980]

FTA: Rogers' claims about Paris contradict the information that came out of France following the attacks. There were claims by former US intelligence officials that encrypted communications had been used by the Islamic State affiliated terrorists in the immediate wake of the attacks. But those claims were largely dismissed by French authorities when they looked at the actual communications on devices recovered from the group. According to statements from French law enforcement, the attackers had used standard SMS messages to communicate—not encrypted messaging apps on smartphones. http://arstechnica.com/tech-po...

important to distinguish

[nimbius]

Syed Rizwan Farook: political power grab to set a precedent for forcing manufacturers to decrypt the private data of their customers. both shooters are dead. their motive and operation are both known. we're chasing ghosts to advance an agenda.

attacks which struck Paris last November: are the result of a determined minority of disenfranchised extremists with nothing left to lose. a 65 year policy of proxy wars and foreign backed government coups to install lifelong dictators has left them jaded and dead inside. these are truly desperate people, clinging to $diety for some hope of retribution and justice against a system of international dominionist and interventionalist policy that has ultimately led them to perpetual misery. the solution is not to backdoor every crypto, but make structural and systemic changes in a concerted multinational fashion to help reduce and eliminate the instances of and impact from blind foreign intervention to advance imperialistic goals championed by 18th century conquistadors and feudal lords.

Re:important to distinguish

[110010001000]

Give me a break. The mastermind of the Paris attack was born in Belgium and his dad was a shopkeeper. They weren't desperate or dead inside or in misery. They were radicalized by religious people IN EUROPE who have their own agenda.

Re:Haven't we already debunked this?

[mujadaddy]

Repeating it again and again doesn't make it true.

Unfortunately, this is not accurate.

Headline

[wonkey_monkey]

Paris Attacks Would Not Have Happened Without Crypto

That should really have been put in quotes to make it clear that this is what some guy is saying, and not anything remotely approaching a fact.

And even if technically true, the implications behind the making of the statement should probably be taken with a pinch of salt.

Banning crypto is an old and flawed idea.

[JavaBear]

Crooks and terrorists won't care about a ban, and the "law abiding" people will be left entirely vulnerable to those crooks and criminals.

I doubt anyone can tell if any given post is using a strong or weakened cipher, at least not without some deep analysis of the data, effectively ruling out internet traffic, meaning their only "effective" ban would be to ban anything not sent in clear text.
I'm no psychic, but I can easily see how well that'll play out.

Re:This is a bold headline

[Pseudonymous+Powers]

For some reason, the editors took the "NSA Director Says" part off the front of the original headline. I'm not sure why they'd do that. Maybe they wanted to increase the percentage of people who would actually read the article, since many of us have learned to stop paying attention whenever we see the words "NSA Director says", because what comes after that is always complete nonsense.

Re:And this is why Republicans...

[sunderland56]

Wait, you mean those speeches at the debates were *encrypted*? Well, that makes sense now; what they were saying made no logical sense in English.

We Can't Ever Fix This

[Bruce+Perens]

The encryption that criminals are using now is the kind that we can break. If we insist on putting back-doors in it, they will move to the one-time-pad, which we can't ever break if it is used properly. To explain why, have your friend make a coin flip and keep whether it's heads or tails secret from you. Now, write a computer program to tell you what the coin flip was :-)

The one-time pad is 1000 times simpler than public-key encryption and trivial to put in an app.

Re:Haven't we already debunked this?

[Chris+Mattern]

Repeating it again and again doesn't make it true, it only makes it truthy. Which, alas, seems to be good enough for a lot of people.

Re: And this is why Republicans...

[jedidiah]

They don't need to "hide" anything. You're failing to acknowledge the scale of the problem. You simply can't watch everyone. Trying to do so is a fool's errand.

Ultimately the only thing you will do is compromise everyone else's security.

The idea that they could have stopped it if only they could have spied on more people is a moronic, innumerate, fantasy.

It will happen

[Sloppy]

It will happen someday, though.

A terrorist will buy a set of Star Trek steak knives over eBay and they'll use HTTPS to transmit their eBay password. A future terrorist will lock the door of their house (why are these people even allowed to have locks, anyway?) and his wife will plaintext email him, "Did you lock the house? Remember, we're going to that party right after work tonight," and he'll say "quit telling all the snoops on the Internet which days our house has no one home," and they'll start encrypting their personal conversations. And that'll be that: they'll be encryption users too, just like the rest of us.

Some day, a terrorist is going to use a motor vehicle to travel from their home to the site of their terror.

Some day, a terrorist will use an alarm clock, instead of the sun, to get up at the correct time.

We need to face the facts: technology is bad. Anything that empowers humanity, can be used by humanity in the service of bad things. Power is bad. Capability is bad. Failing to starve when the gods wants you to starve is bad, and being immune to smallpox is bad and is why the gods have to invent new ones, like AIDS. It's time to end this nonsense of technology, and go back up into the trees. Because the apes in the trees never do anything bad to one another.

The reason I know that apes never try to harm one another, is because I carefully cultivate shocking ignorance about anthro-- er I mean -- zoology -- no, wait -- I mean biology since plants also do ev-- no wait: game theory. Well, I mean, statistics. I try to remain ignorance of mathematics and everything which stands upon or can be modelled by mathematics.

And you can too. Join me in giving a fuck about whether or not bad people use the same technology as good people.

What could go wrong ...

[DrYak]

Dark skinned guy crossing borders and using encryption, what could be more suspicious?

What could be more suspicious ?
Adi Shamir trying to attend the Cryptology conference he did start him-self in the 80s ?

According to the US that's even worse.

Re: And this is why Republicans...

[Locke2005]

100% agree, This statement appears to be based on the assumption that criminals are too stupid to implement their own one-time pad encryption system. 100% secure encryption has been possible for hundreds of years... criminals only use commercially available solutions because they are easily available, cheap, and easy. I also get a "methinks the maiden doth protest too much" feeling regarding all the whining about Apple not unlocking a phone for the FBI. If the NSA already had a way of unlocking iPhones, wouldn't they being doing everything in their power to convince criminals it was 100% secure? Lure them into a false sense of security then monitor all their data via a remote hack would be the fed's wet dream.