Slashdot Mirror
Burr-Feinstein Anti-Encryption Bill Is Officially Released (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Senators Richard Burr and Dianne Feinstein released the official version of their anti-encryption bill today after a draft appeared online last week. The bill, titled the Compliance with Court Orders Act 2016, would require tech firms to decrypt customers' data at a court's request. The bill is not expected to get anywhere in the Senate. President Obama has also indicated that he will not support the bill, Reuters reports. The bill requires legislation requires communications services to backdoor their encryption in order to provide "intelligible information or data, or appropriate technical assistance to obtain such information or data." Sen. Feinstein stated, "The bill we have drafted would simply provide that, if a court of law issues an order to render technical assistance or provide decrypted data, the company or individual would be required to do so. Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."
Stupid question, but could a court order then demand, oh, Sen. Feinstein's help in ROT26 decrypting classified information?
An obvious knee-jerk reaction to the Apple case.
It will get only the low-hanging fruit - unsophisticated users.
Smart folks are using GPG, which is Free Software, distributed from outside the US, and is not controlled by or associated with any "communications service" that would have any ability to decrypt GPG-encrypted data without the appropriate private key.
Microsoft, Apple, and Google are all very much opposed to this. They also have massive amounts of money. We all know that contributions to campaign funds influences how politicians vote. Those companies absolutely have the collective power to kill legislation like this. As long as the real powers that be don't want this to be the law, it won't pass.
'It became necessary to destroy the town to save it', a United States major said today. He was talking about the decision by allied commanders to bomb and shell the town regardless of civilian casualties, to rout the Vietcong.
In the US, just over 3,000 people have died of terrorist attacks. In 21 years. How many millions die from car crashes alone each year? Are we going to start improving our public transit? No, of course not, because that's not the sexy ratings our senators here want.
The really sad part isthat these are people who voted in, they are not dictators or such. A majority of people are actually stupid enough to vote for such idiots, and it makes me wonder where our future is headed. Given the rather extreme views that have become fashionable over the last year, I don't think it's too far off we'll soon be looking at the level of control shown in Russia today. I sure hope it was worth losing our privacy, safety, and fundamental values to save us from those "evil terrorists", who haven't played a role in 99.999% of the population. Might I point out, that's not an exaggeration.
"Set a man a fire, he'll be warm for the rest of the night. Set a man afire, he'll be warm for the rest of his life."
All the time. Seriously, that's what terrorists do. Does anybody think it's a part-time thing or whatever? "Let's see Achmed... Tomorrow we'll go fishing, then we hit the beach and next week we'll plot to kill Americans. But it must be wednesday because I have bingo on monday and a garage sale on tuesday, and the rest of the week I have to fill in for Jamal who's having a jihad on non-recyclable grocery bags."
"We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."
Can't have both, buddy.
This is pretty much the nail in the coffin.
If her prior activities that would make an Inspector General blanch weren't enough, this monstrosity is pretty much proof-positive of her loss of mental faculties.
Personal privacy always/forever trumps national security. End of story.
Terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order.
Yeah, right.
Oh, wait, the most recent terrorist attacks in Belgium were carried out using disposable one time cell phones without using encryption of any kind.
Who are those politicians are trying to fool? Why the terrorists cannot create their own encrypted applications which do not save any data whatsoever? I mean we already have Telegram, Wire and many other apps with P2P encryption and timers which pretty much guarantee no party will ever be able to restore or decrypt the content of conversations.
Stop them from getting away with that, by the courts! First, get floozies to stop murdering their unborns!
Vote Ted Cruz 2016
All-American Canadian
We would have the most secure borders in the world.
But we don't.
So they don't care.
Secure the borders then I might believe terrorism is actually a threat.
Until then, every single politician at every level can kindly go fuck themselves.
Burr-Feinstein Anti-Encryption Bill
I heard they're opening for Aerosmith next month.
systemd is Roko's Basilisk.
The proposal itself may be awful, the likely consequences would be good. This could very well be the final push for many companies processing personal information to finally leave the US and settle in a country less hostile to privacy.
Sometimes they plot to kill other people as well... just sayin'.
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
The really sad part isthat these are people who voted in, they are not dictators or such. A majority of people are actually stupid enough to vote for such idiots, and it makes me wonder where our future is headed. Given the rather extreme views that have become fashionable over the last year, I don't think it's too far off we'll soon be looking at the level of control shown in Russia today. I sure hope it was worth losing our privacy, safety, and fundamental values to save us from those "evil terrorists", who haven't played a role in 99.999% of the population. Might I point out, that's not an exaggeration.
It's not just stupid people. It's also people who don't understand the issues because they have never studied encryption or computer security. Smart people and policy-makers.
It's not Republicans. It's not Democrats. It's BOTH - and the out-of-control government they control.
Quit expecting that government to solve your problems - it IS your problem.
A much better idea would be term limits and eliminating the gerrymandering of districts. Then we wouldn't get stupid bills like this.
I hear terrorists use cars, both to get to and from their crimes! We need a new bill to address this. The bill would simply provide that, if a court of law issues an order to render technical assistance or provide accurate tracking information of car, the company or individual would be required to do so. Today, terrorists and criminals are increasingly using cars to foil law enforcement efforts and commit atrocities, even in the face of a court order. We need cars for personal transportation, but we also need to know when terrorists are using cars to kill Americans.
Because while car crash deaths are still a real big killer, the IS has made MASSIVE strides in reducing them, and that has been done in no small part by legislation of new safety features. Deaths both in terms of absolute numbers and deaths per 100 million miles driven have been dropping consistently since around 1970.
Not agreeing with this bullshit encryption bill, just that your example may not be showing what you want it to show.
Yes, but we don't really care, do we?
Now there's a surprise...
Dude. Wake up. Go educate yourself about what is actually happening, why, and what it was like before.
Thick is the fog of lies.
We all know that terrorists and mafias follow laws and will abide by the rules. It is also well known that it is impossible to develop your own encryption software if there is a law in the US forbidding it, as there are no other countries in the world. This law is definitely sensible. It will help to capture terrorist's data without creating any problem to decent citizens.
After all, no decent citizen should have nothing to hide.
I wonder why there are no laws against spam, cryptolocker, viruses, etc... it would make my life much easier.
How about you make a law to make all terrorists report themselves at the nearest police stations to be executed! That would be even easier for you, right?
Of course, not reporting in is punishable by death.
Company and government-issued phones should have to have some sort of MDM product tied to them. If San Bernardino had used something like Blackberry ES to manage their iPhone (yes, BES supports Android and iPhone) their IT department could have popped the phone open as fast as the guy assigned to the task could log into BES and find the device.
So why are you backdoor-ing my phone? That question reveals how government really sees its citizens: Just like when the government promises to not use the powers it just gave itself. Encryption is a problem because LEOs can't use a bigger sledgehammer to get inside. Maybe, if the government spent time offering 'privacy' to citizens, citizens wouldn't be democratizing privacy themselves.
No 'but's: You're protecting personal data or you aren't. "Either you are with us, or you are with the terrorists." - GW Bush, 2001-09-20
Senators Richard Burr and Dianne Feinstein are neither the oppressive arm of Government nor are they idiots.
They are, however, profoundly ignorant of how things work in the real (non-Beltway) world. They are of the same ilk that cannot understand that email kept on a small private server (small target) with a staff that gives a damn is quite likely a lot more secure than on a "secured government server."
They must be thinking, "the company will provide a back door and keep it secret." What a great concept. Unfortunately that idea belongs to a world where it took a whole government and a bevy of codebreakers to crack a simple substitution code - the Enigma codes. Today, a single hacker can put together thousands of cpu core resources to attack any system. If there exists a back door, if there is any way into an encrypted system, some 14 year old in Romania or Great Britian (or China!) will find it. Consider the fact that the FBI hired such to go after in iPad, and the thing was compromised in short order.
And lest we think that this is a good thing, so that governments can go after terrorists, let me pose a question on a personal level: "How big is your bank account? Would you mind if you woke up some morning and found it empty?"
There are thousands of terror targets and probably tens of thousands of would-be terrorists. There are quite literally billions of targets in the private sector. It won't make the even news for very long if Mr. Smith gets cleaned out, but to Mr. Smith it may seem pretty terrible.
And there is a worse side: Let's say that the government requires back doors everywhere. Does that mean that terrorists are going to give up and throw up their hands figuratively? Hell, no. Any competent programmer can come up with an encryption scheme not known to the government, perhaps with vulnerabiilities which are also unknown to the government. The good guys (Us!) have opened our bank accounts to the script kiddies, and the bad guys will go right on using strong encryption. The government will be right back where they are now, having to hire a hacker to break that encryption.
We will have given up the keys to our doors without putting a small dent in terrorism.
Not a good choice, imo.
Don't take life too seriously; it isn't permanent.
And then the world wide tech sector would get a boost , and the US tech sector go bust.
What ? I never said I carred for the US tech sector. I am seeing this from the perspective of somebody in another country tech sector withshing that US politician get what they want : give us all non US firm a lot of jobs.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
We do - but we cannot have both.
Choose wisely.
i will have to cancel my credit cards and get new ones, and never buy anything online ever again,
Politics is Treachery, Religion is Brainwashing
You can't put the encryption genie back in the bottle. You look really dumb when you tell people you can.
I seriously just laugh every time I see this kind of foolish uneducated thinking. Don't senators have technical advisers that tell them: IT CAN'T BE DONE.
It's not even really a difficult concept to grasp, in my opinion.
how many times has a politician said one thing and then did the exact opposite when it comes time to put it down on paper
Politics is Treachery, Religion is Brainwashing
To the American people who think they live in an absolute democracy and liberty: you need to wake up and smell the coffee. Such a society never existed and cannot exist, because it is unsustainable. The libertarian utopia is just that, an utopia. Your founding fathers were lying to you. The government must have a way to listen to what people are talking, so they can protect law and order. Whether it will be done by mandating backdoored encryption, outlawing encryption software/hardware or simply allowing physical coercion/torture does not matter. The choice is yours.
Leaving the US for a privacy Shangri La sounds appealing, but where is this place?
By my estimations, it's a small number of European countries, most of which might face EU regulations which could end up being nearly as "bad" as the US for no real gain.
Most other places don't have enough privacy protections (crooked, authoritarian governments) or if they do, are too small to resist the diplomatic pressure the US could bring to bear on their privacy practices. Further, they may be small enough that the Chinese could be tempted to tamper with their manufacturing to create hardware back doors, as one disincentive the Chinese have is an open confrontation with the US over manufacturing.
The other unintended consequence could possibly US import restrictions on the devices now that they are a product of a "foreign" company.
An alternate name for the bill could be the Burr-Fenstein Fucking Waste of Public Time And Money act.
Seven puppies were harmed during the making of this post.
Is it Burfeinstein or Bearfinestine?
Nice...............Post.........
http://ekrasta.com
http://ekrasta.com/fashion/Shirtdetail.aspx?code=49
http://ekrasta.com/fashion/Shirtdetail.aspx?code=70
http://ekrasta.com/fashion/Manshirt.aspx
OK, so let's say .gov gets the heavy hitters to break existing encryption methods.
Along comes the open source community and publishes new methods faster than .gov can keep track.
These are opportune times for geeks with advanced CS and math degrees indeed.
Wouldn't it just be simpler to pass a law requiring all terrorists to report what they are going to do 24 or 48 hours before they do it?
That Dianne Feinstein is the epitome of evil, unamerican political criminals?
http://i.cubeupload.com/T6cyLu.png
"The bill requires legislation requires..."
WTF? Doesn't anyone read anything anymore?
Obama won't support it, but he will gleefully sign it if it somehow makes it to his desk. After all, if it does land on his desk, it will be because the American People lobbied their Congress to pass it, and so he will be doing the People's wwuuaaahahahhaaa sorry.. I just couldn't keep a straight face... huaaaahahaha lol lol roflmaobbq...
It's not just encryption, it's having any kind of knowledge about pseudorandomness.
I propose licensing all programmers with such knowledge along with any equipment they use to delve into such powerful and dangerous knowledge.
If we Americans still believe in Freedom ...
If we Americans still believe in Liberty ...
We should start a definite push in dealing traitors such as Feinstein a decisive blow
They should no longer be allowed to weaken our Constitution
They should no longer be allowed to undermine the spirit laid down by the founder of this great republic
Shame on Feinstein !
Shame on traitors who hate Freedom and Liberty !
Muchas Gracias, Señor Edward Snowden !
That's a great idea. This already works on the Internet, see RFC 3514.
KILL IT. KILL IT WITH FIRE.
Just adopt the George Costanza approach with her.
Anyone remember the "Keys under the doormat" paper from '97? The authors came back last year with a new paper here: https://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf
I'm going to out and say it's required reading for everyone.
I heard that terrorists and criminals are increasingly using whispering to evade law enforcement bugs and wire-taps.
The government cannot require or prohibit any specific design or operating system for any covered entity to use in complying with a court order.
I.e. nothing is out-of-bounds when complying? That seems to conflict with this:
No one is above the law. Court order recipients must comply with the rule of law.
But what if providing the data requires breaking existing laws? I'll be the first to admit I don't know legalese, but this sure is confusing.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
and not Orwellian, like, say, the PATRIOT act.
"We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."
Fuck you. The people need to know when the GOVERNMENT is plotting to kill Americans. Fuck those white thugs everyone calls politicians and the horse they rode in on. When will the idiotic militant and police forces wake the fuck up and realize that these pasty fucking faggots are WORTHLESS without their grunts to enforce the "laws"? The only thing we need to do to take back our country is STOP doing the evil bidding of these fucking goddamn FAGGOTS. I'm sick of this shit! Free country my ASS. It's not even a goddamn COUNTRY! (don't believe me? look it up). FUCK.
Terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order.
Given that the majority of terrorist leadership structure (technocal and non-technical) isn't domestic, and they are completely capable of writing their own encryption apps, and hosting the services outside the US,
1. How does the bill reach those users and servers Answer: It doesn't
2. How does the bill enhance/protect/maintain security of users. Answer: It doesn't
3. How does the bill enhance/protect/maintain the security of the nation: Answer: there is only a temporary benefit until terrorists get educated about the fact the government has a back door into every phone sold or service operated in the US. Terrorists will be directed to an app that does not have a back door, and is not in the jurisdiction of the bill. Instead of the current limited surveillance capability, the communications will go completely dark.
4. How does the bill deter/inhibit the security of the terrorists: Answer: Short-term detriment until they can switch the naive users to their app, long-term benefit after.
5. How does the bill enhance/protect/maintain the security of the terrorists: Answer: provides motivation to create their own app, provides backdoors in all phones/services that can be potentially exploited by terrorist organizations and other governments, like Russians and the Chinese.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
On May 12, 2011, Feinstein cosponsored PIPA.
I think this person needs to lose an election.
"Live as if you'll die tomorrow." Ridiculous. You could die later today.
They must be thinking, "the company will provide a back door and keep it secret." What a great concept. Unfortunately that idea belongs to a world where it took a whole government and a bevy of codebreakers to crack a simple substitution code - the Enigma codes.
It's not about that. If you read the discussion draft of the proposed bill you will find the salient part is Sec. 2.4 which puts the onus of data decryption onto the service provider. There is nothing about how to implement it, just that if you encrypt it, it better be intelligible when we ask for it. There is a discussion about privacy of the individual, but it's secondary to access by the state. I uncertain if a judicial order is the same as a warrant for telecommunications intercepts however I still don't see any time limits imposed either.
And lest we think that this is a good thing, so that governments can go after terrorists, let me pose a question on a personal level: "How big is your bank account? Would you mind if you woke up some morning and found it empty?"
This is the whole point about these types of laws. It's not about "If you have nothing to hide, you have nothing to fear" it's more like "If you have nothing to loose, then you have nothing to hide".
With which we come to the hidden kicker in this proposed bill, the unmentioned meta-data retention clauses. Has anyone noticed that?
Section 4. 1. puts the onus on a license to collect all IP address, port number, routing, endpoints, protocols, both sides of a NAT, unique device identifiers (MAC address), the time, quantity and QOS information all time stamped to UTC, and more. These are targeted at Telecommunications companies, they require a warrant, but imply that the data is to be collected.
That's probably the elephant right there, it's a much larger scope than saying - hey tell us what this says. I'm unsure if it is a 4th amnd violation 'reasonable' to have a third party record your communications endpoints, it's probably happening anyway and that could be the 'reasonable' justification. Again the duration is not mentioned and I'd suggest any service provider who offers a service that only maintains meta data for your last billing cycle may be a feature of providers worth having.
Hell, no. Any competent programmer can come up with an encryption scheme not known to the government, perhaps with vulnerabiilities which are also unknown to the government.
Nope, they have that covered too in Sec 3.A.2 the orders can be issued against people providing the software. Surely this is a 5th Amnd violation. How can you be compelled to information that may incriminate you.
The good guys (Us!) have opened our bank accounts to the script kiddies, and the bad guys will go right on using strong encryption.
No, the point here is that your metadata will be stored in unencrypted form. The same demands were made of Australians because it is wasn't mandatory to encrypt the data, however it was mentioned in the bill that it should be encrypted.
The US bill doesn't even mention encrypting citizen meta data that is being recorded. This is an obvious honeypot for organized crime and as I have constantly repeated, fraud against citizens has no impact on the state, so they have little incentive to protect you from it in their quest to know everything about you.
The government will be right back where they are now, having to hire a hacker to break that encryption.
If the bad guys have their own encryption software then there is simply no access to their communications. The demands are on providers to decode communications when they receive a judicial order and the endpoints, volume and duration when issued a warrant.
We will have given up the keys to our doors without putting a small dent in terrorism.
Not a good choice, imo.
My ism, it's full of beliefs.
As I read it, providing a toll that simply tries all possible keys is compliant, even if it cannot be expected to break the encryption within the lifetimes of any party involved or the service life of the hardware. The bill doesn't require that you make things insecure, only that you comply with requests to attempt to break the security after the effect. It does not even require that the attempts be successful.
I've learned that any bill with the word Feinstein attached to it will be based on ignorance and fear. How this idiot keeps getting re elected is beyond my comprehension.
On May 12, 2011, Feinstein cosponsored PIPA.
I think this person needs to lose an election.
Me too, but why do you think that the morons who elected her will grow a brain cell before the next election.
Do you have ESP?
Comment removed based on user account deletion
CGP Gray just released a really good video on encryption.
Bullshit. Tens of billions of dollars in the US go into making roads safer every year. We spend tens of billions of dollars on making roads safer by doing things like making roads wider, increasing sight lines and slowing down traffic with roundabouts. In spite of your inflated ego, there are people driving other directions than yours, and traffic light timing is not a solvable problem, just optimizable for a very small set of conditions, which change with the seasons.
You're an arrogant, ignorant ass.
Different government agencies use different price per human life saved methodologies. Most agencies, such as the car regulation, pollution, etc. regulate only if the cost is less than $10 million per life saved. The EPA sets it at 7.4 million. Some agencies won't even require safety regulations if the cost exceeds $2 million.
Terrorism based agencies are a radical shift. When terrorism is involved, the idiots are willing to spend up to $180 million to save a single life. (https://www.schneier.com/blog/archives/2008/07/costbenefit_ana.html)
I propose that we legislate a maximum cost per human life saved at $20 million (adjusted for inflation, annually). This would wipe out most of the stupid expenses by federal anti-terrorism agencies, but still allow them to do their job.
excitingthingstodo.blogspot.com
The tobacco industry deliberately plotted to kill Amecicans in way larger proportion that the 9/11 Saudis. The food industry via sugar over intake also kills much more people than terrorists. The government kills much more Americans with unjustified wars.
Actually anything threatening the top wealthy 1% is considered as much more dangerous than when threatening the 99% rest.
Atlay eastlay itlay ashay ipartisonbay upportsay. Osay uyay ancay eesay utway aaway arstangledspay upidstay ongresscray eeway avway.
This sig has been encoded with rot-13 twice.
Is in US House or Senate - No trust at all, should probably be placed in a padded room for their own protection
Is in the state House or Senate - Very little trust but they likely don't need to be in a padded room
I heard someone once say that a person runs for local or state office only because their deepest darkest secret keeps them from running for higher office. Probably some truth in that somewhere...
And a one-time pad is unbreakable by any means except obtaining the one time pad if it is not misused.
Unbreakable encryption is within the technical reach of practically anyone.
It's not even hard. Exchange of the one time pad is inconvenient.
--PM
Di Fi is a LIBERAL! I thought liberals were FOR freedom? You mean she as a liberal LIED???
Once elected, congresspersons and senators can do what they please until the next election with no fear of recall. This means citizens have to vote them out in the next election cycle. Voters have short memories unless the transgression was particularly egregious.
There are two things missing at the federal level which would help ore representative government be more responsive to the peoples wishes:
1. Recall of congresspersons and senators with a 66% super majority.
2. Initiative and Referendum.
They are the terrorist. They're attempting to terrorize millions of people with this and other heavy handed laws. They want to run the major metropolitan city areas as prisons and force everyone to live in small stacked confined spaces... voluntarily of course, and to pay for the privilege.
If aliens don't need encryption to coordinate the extermination of all humans neither do terrorists.
I've never wanted anyone to die before but she needs to retire or croak before she can do more damage.
When are the terrorist plotting to kill Americans? All the time. Seriously, that's what terrorists do. Does anybody think it's a part-time thing or whatever?
I personally think they are human beings, not machines. There is literally no way what you are saying could be true. If you demonize the people responsible for terrorism, you will never be smart enough to stop them.
She had a good reputation and championed Democrat causes for years, but now she's just a sellout for big business and the movie industry.
Feinstein needs to switch to Republican or Independent because she is in no way a Democrat anymore, and she hasn't been for years.
Frankly I don't know how she can do these terrible things that go against everything her constituents believe in.
This bill appears to be just another uninformed effort by old establishment leaders who have little clue on the technology policy and its implications to the fundamental rights under the constitution. Cut to the chase. Why don't they just include a clause to outlaw putting a security code on your phone. That way anyone can access your information if they really need it. Better yet, require registration when you buy a lock from a store, requiring you to provide a copy of you key to the nearest police officer...just in case they need or feel they might need to access your personal property or information.
It may appear overboard, but efforts to legislation like this are just this simplistic and silly.
Because this bill would require any vendor, writer or provider of encrypted communications to have a way to decrypt it would also require any form of TLS connection to not have perfect forward secrecy. This would mean having like in the earlier DOD era, having a separate crypto' suites for US use that exclude the option.
I mention this because it is not going to happen, the cat is out of the bag and it would require rewriting the core of every TLS implementation everywhere.
Last night I figured out how to extort money out of big tech companies if the Feinstein-Burr bill becomes law. It requires that any company which has provided encryption technology render technical assistance in order to provide unencrypted versions of information in response to court orders.
So, here's what you do:
1) Choose a company which provides any existing encryption products which don't have backdoor and will host data for you in some form. Good choices might be Apple, Google, or Microsoft. For Microsoft you can use their BitLocker product to encrypt things. For Apple or Google, you can just use OpenSSL's command line to do the encrypting. There are likely some other companies that would work, but those are the first which come to mind.
2) Find a co-conspirator who is willing to sue you.
3) Create some key piece of information which is relevant to the potential court case.
4) Choose an amount of money which is quite large, but is within the potential budget of the company.
5) Do some calculations like this spread sheet does: https://docs.google.com//1hsvO2RBXWYxMMMCaDx5CASPy2l/edit (although I'm not sure these numbers are correct because I'm not sure they account for the efficiency of doing this with GPUs instead of CPUs) to figure out how long the key will have to be to be in order to cost the target amount of money. Assuming their figures are correct, then 86 bits would be the correct answer.
6) Choose an encryption function which uses more bits than that. So let's go with 128-bit AES for this example.
7) Encrypt the key piece of information with it.
8) Make a second file which contains notes about what algorithm is used and contains all but your target number of bits of the key. So in this case, 128-86 yields 42, so we put the first 42 bits of the key in the file.
9) On the storage provided by your target company, store the encrypted data and the unencrypted second file.
10) Ensure that all other copies of the data and the key have been completely and utterly destroyed, but keep references to its existence.
11) Proceed with the lawsuit and have your co-conspirator find out about the file in discovery.
12) Have them obtain a court order requiring the target company render technical assistance. Now, to comply with the court order, they must spend approximately $10 million dollars to brute force the remaining bits of the key.
13) Offer to have talks about settling the lawsuit, but only if the company is also involved in those talks.
14) Hint that this could all go away for a much smaller amount, like only $100,000 especially if the target company were willing to pay.
15) Once they pay up, drop the lawsuit thus vacating the court order.
This old decrepit ugly cunt needs to catch cancer and die, just like the cancer she's trying to inject into america
Shouldn't the free speech-protecting provision of the us constitution's first amendment be taken to imply the right to say things jack-booted government thugs can't understand?
Politicians do weird thinks like sponsor/vote-for bills they don't want passed for image reasons and or to do cross party vote trading. The trick is playing chicken with the number of votes required to pass or knowing you can bury it later in committee if it happens to pass.
The problem is things like this are often posturing.
The single biggest threat this law creates is the need to have passwords a company can decrypt. If a court order requests the password of an account, a company is required to provide said password. This means you must now store your user passwords in a method you can decrypt. Nope, nothing wrong with that! I guess Senator Burr was getting jealous of all the attention the NC GOP was getting from HB2 that he wanted to try and upstage them.
Maybe but it sure seems like only the real wack jobs make it to the national level.
That's just because they get more publicity. Trust me that the local guys are every bit as weird as the national guys and frequently even weirder.
Amen brother..and Wyoming and Montana are sounding better by the day.
" ... We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."
Translation: "We are vegans that eat meat."
Diane "Banker-Buttlicker" Feinsten, the dragon lady with no fucking heart.
...
Why the hell Californians keep electing her I'll never understand.
Do you think it might have something to do with the influence of money in US elections? ;)
This isn't about terrorism or surveillance. This is much more boring and insidious. Look at her donor list. Five defense contractors in the top 15 each with "cyber war" divisions. Someone will have to build this new backdoored encryption and it will cost at least a few hundred million. Northrop Grumman is one of her and Burrs top donors. I predict NG wins a very carefully run competition for the contract.
refactor the law, its bloated, confusing and unmaintainable.
Won't someone just vote her pernicious backside out of office already? How much more damage must she do to the US before we wise up?
as a resident of California I can not support or approve of this action by Feinstein.
We also need, more importantly, a GOVERNMENT WE CAN TRULY TRUST! And, we need that FIRST. And, we need it WITHOUT the greedy, manipulative fingers of corporations.
Self-importance and self-indulgence is the root of ALL evil.
n/t