Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Anti-Encryption Law Is So 'Braindead' It Will Outlaw File Compression (theregister.co.uk)

Posted by BeauHD on from the zombie-legislation dept.

An anonymous reader writes: The bill released Thursday by Senators Richard Burr and Dianne Feinstein to force U.S. companies to build backdoors into their encryption systems has been further dissected by experts. In less than 24 hours after the Court Orders Act of 2016 draft was released, 43,000 signatures have been added to a petition calling for the bill to be withdrawn. Bruce Schneier, the writer of the books on modern cryptography, said the bill would make most of what the NSA does illegal, unless no such agency is willing to backdoor its own encrypted communications. "This is the most braindead piece of legislation I've ever seen," Schneier told The Register. "The person who wrote this either has no idea how technology works or just doesn't care." Schneier says cryptographic code will be affected by this legislation, as well as "lossy compression algorithms" that are used to reduce the size of images for sending through email, which won't work in reverse and add back the data removed. Files that can't be decrypted on demand to their original state, and files that can't be decompressed back to their exact originals, all look the same to this draft now. He said even deleted data could be covered in this legislation.

36 of 241 comments (clear)

  1. Feinstein is one of those by ArmoredDragon · · Score: 2, Insightful

    ...where nobody seems to know how they continue to get elected.

    1. Re:Feinstein is one of those by KGIII · · Score: 4, Insightful

      I guess the question is this:

      Does this surprise anyone, anyone at all? Is anyone gasping because they're shocked that such would be proposed? Anyone? Anyone?

      No... Me either...

      *sighs* I tell you what, it's seriously reaching the point where we the people need to remind the government who is in charge. No, I am not advocating violence. Yes, I am advocating forcing them to listen.

      However, on the subject of violence... The government should fear the citizens, not the other way around. Fear, having a meaning akin to respect as well as what one might normally define it as.

      See definition 4 here:
      http://www.thefreedictionary.c...

      Of course, if need be, the other definitions work.

      --
      "So long and thanks for all the fish."
    2. Re:Feinstein is one of those by dejitaru · · Score: 3, Insightful

      I mostly blame it on people voting strictly based on party and not the actual candidate... The biggest issue with voting imo.

    3. Re:Feinstein is one of those by sconeu · · Score: 3, Interesting

      Well, Feinstein's opponent last time was Carly, and after what she did to Lucent and to HP, I was damned if I was going to vote for her.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    4. Re:Feinstein is one of those by taustin · · Score: 2, Informative

      If you live in California, you know full well how she continues to get elected: California voters are idiots who do what they're told by the talking box in their living room.

    5. Re:Feinstein is one of those by Anonymous Coward · · Score: 4, Interesting

      If that's what you want, you need to attack the places the politicians care about - their wallet and their power, and that means impeachment. But in the present system, politicians don't fear impeachment because it's such a convoluted process -- it doesn't happen much. What I propose is a process for direct impeachment, where every quarter constituents can vote to impeach or not. Perhaps semi-annually. It's like a job performance review -- they work for us so we should be able to fire them at any time if we think they are doing their job poorly. The reason these people remain in office is because the terms are so long, by the time re-elections are due, everyone has forgotten about the past 2-4 years of shenanigans. We need to close that loop, and get the people directly involved, on short timeframes. The colossal amount of fail happening in the government right now is truly embarrassing. We need to make it easier for the people to remove bad leaders. If we can't have direct democracy, I think direct impeachment is a good alternative.

    6. Re:Feinstein is one of those by RabidReindeer · · Score: 2

      Bill Clinton got impeached. All that meant was that $40 million of taxpayer money was spent doing nothing of any practical effect.

      What we need to be able to vote for is removal. A few successful recall elections could do a lot.

    7. Re:Feinstein is one of those by linuxwrangler · · Score: 3, Informative

      Yes, she runs as a Democrat but must be a DINO...in-name-only.

      While she does support some liberal stances on gay marriage and on occasion has voted for small scaling back of some surveillance programs her overall record is far from liberal.

      She is fiercely pro-corporate supporting H1B programs and nearly every pro-Hollywood copyright plan she sees.

      Her anti-free-speech sentiments are seen both as the main Democratic sponsor of the failed Flag Desecration constitutional amendment and in bills supporting unilateral US censorship of the Internet.

      She was the original Democratic supporter of the PATRIOT act, supports numerous hard-stance "tough on crime" acts and called for the immediate arrest and extradition of Edward Snowden.

      She is pro death-penalty.

      She is against any substantial limits on spying having joined Republicans in voting to give the executive branch authority for international surveillance of Americans without the need for FISA court oversight and for continuing civil immunity for providers who assist the government is such activities.

      Meanwhile, her husband Richard Blum's firm CBRE is poised to earn $1 Billion on the sale of closed post offices.

      Her sponsorship of this idiotic legislation should not surprise anyone.

      --

      ~~~~~~~
      "You are not remembered for doing what is expected of you." - Atul Chitnis
    8. Re:Feinstein is one of those by KGIII · · Score: 5, Insightful

      Oh, I've already listed the best way that I can think of to get their attention and it's a bit long to write it out again. However, it's easy enough to do. What we need, in order to do it, is solidarity. That's what we, the citizens, lack. We're too busy fighting over who is what color, who is getting what for privilege, who has what politics, who has sex with who, who believes in this, and who believes in that. We call each other hillbillies, rednecks, fagots, and thugs. We berate someone for wearing a Confederate Flag or for wearing a Rainbow Flag. We're rooting for Trump and Clinton.

      In other words, they've happily sat back and watched us squabble over the scraps while they continue eating their 12 course meal at the adult table. What we lack is the ability to stop pissing and moaning about the differences between us. What we lack is the motivation to pay attention to the many things we all have in common. We have no solidarity.

      We have no unity (unless we have Ubuntu). We argue over operating systems, programming languages, politically correct pronouns, text editors, who shot first, grammar, and more. We hate anyone who has more than us and are sure they stole it, else they wouldn't have it. Either way, they don't deserve it. The people below us, financially, you either view them as incompetent and needing to be carried or needing to be left behind.

      You don't see a human when you read my posts. You see an idea, you see a picture, you see a caricature. You either hate it or you like it but you don't bother to think about the things you and I have in common. You want to be right. You want to win, win what? You want to win the internet points? You want the last word? You want to be the King Shit on Turd Island? Well, that's what you've got.

      And it might not even be your fault. You might be just peachy and perfect and willing to sacrifice for the greater good. That's quite possible but, really, if you are then you're no in the majority. The majority wants more and mine. The majority wants control and only views things in their own binary fashion. The majority isn't concerned about your problems because your problems aren't their problems. They don't even notice the disconnect when they finally have their problems and not a hand is raised to help them.

      Then, accountability? We can not have that. Make a post suggesting someone have some personal accountability. Suggest that people be responsible. Note the remarks you get - just here, on this site, a site full of some of the smartest people on the 'net. You don't get solidarity without accountability. You don't get accountability without compassion. You don't get compassion without unity (unless you install it with apt-get).

      No, we need solidarity. If you can tell me how to get solidarity, I will tell you how to rule the world.

      --
      "So long and thanks for all the fish."
    9. Re:Feinstein is one of those by Dunbal · · Score: 2

      people need to remind the government who is in charge. No, I am not advocating violence.

      Power, and politics, grow from the barrel of a gun. Now PC liberal types will get all offended at this, but it does not change the fact that it's an absolute truth. Of course a whole bunch of hippy types will point to Ghandi and his "non violent" ways. Remind me what happened to Ghandi again? And his wife. And his son? So in the end, who won? Violence is the ONLY way to change things. It's nature's way. You don't let the other alpha male on your territory, you drive him off through force, or you kill him.

      If people were smarter then you could convince them. But if people were smarter they wouldn't need politicians in the first place. Leaders are for herd-beasts, and herd beasts need violence to drive them to change direction, or in some cases even to start moving. Go write an essay to convince a bunch of cows on how necessary it is to move to the other field. What do you think will happen? Now get a stick and go hit a few and see how quick you'll convince them.

      I don't consider myself a violent person, nor do I condone unnecessary violence. I am, however, a realist. And I've reached an age where I understand that there is such a thing as necessary violence. Ask Feinstein. I'm sure she would have no problem having her goons commit violent acts towards you to get you out of her way. What do you think "law enforcement" IS?

      --
      Seven puppies were harmed during the making of this post.
    10. Re:Feinstein is one of those by ATMAvatar · · Score: 4, Insightful

      If that's what you want, you need to attack the places the politicians care about - their wallet and their power, and that means impeachment. But in the present system, politicians don't fear impeachment because it's such a convoluted process -- it doesn't happen much. What I propose is a process for direct impeachment, where every quarter constituents can vote to impeach or not. Perhaps semi-annually. It's like a job performance review -- they work for us so we should be able to fire them at any time if we think they are doing their job poorly. The reason these people remain in office is because the terms are so long, by the time re-elections are due, everyone has forgotten about the past 2-4 years of shenanigans. We need to close that loop, and get the people directly involved, on short timeframes. The colossal amount of fail happening in the government right now is truly embarrassing. We need to make it easier for the people to remove bad leaders. If we can't have direct democracy, I think direct impeachment is a good alternative.

      There are plenty of issues with the US electoral system that need remedies, but 2-, 4-, and 6-year terms being too long is not one of them.

      Let's review:

      • Voters generally elect people by picking their "team" without regard for issues or voting history.
      • Elections are winner-take-all.
      • Gerrymandering has effectively predetermined the outcome of elections in many areas of the country.
      • The Supreme Court declared that money = speech, enshrining corruption as a constitutional right. It has also defined the criteria for bribery so narrowly that it's nearly impossible to prosecute.
      • Most elected officials are given cushy private sector jobs upon leaving office (likely in return for undisclosed favors).

      While not all the above are under direct control by voters, the first one certainly is, and fixing it is necessary to address any of the others.

      --
      "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
    11. Re:Feinstein is one of those by KGIII · · Score: 3, Interesting

      I will be on the Maine State ballot for Senate, district 17, this fall. I'm actually a classic Libertarian or, perhaps, a Socialist Libertarian. If I were in Europe, you'd call me a Socialist Democrat - more likely than not. Though, I've got all the signatures and the paperwork is turned in (I had all that done before I even went on my winter vacation), I am kind of doubting my desire to hold office.

      The reasons are long and complex. I don't want the job to begin with. I've neither the need for money nor the need for the infamy. I don't need the prying and, while I don't mind being honest, there are some things I just don't feel like having to explain because they occupy more than 140 characters or a bumper sticker. I still have time to remove my name, prior to the ballot printings, and I'm not entirely sure what I want to do.

      A long time ago, I was going to be the next Jim Morrison. We had a band, we even had a demo tape, and we did a bunch of concerts down the East Coast. Then, we went to the West Coast. The following year, I was in the Marines. I learned something back then. The people you want to be able to listen, can't. Had the crowd been a little less noisy and listened to the music then maybe we would have ended up with a record deal. Instead, the bars were loud and fights were frequent and the people you wanted to be able to hear, couldn't.

      I wonder if I'm approaching that same sort of thing with politics. I don't want the job. I never wanted the job. I've just been asked to run many, many times and I finally agreed that "I'd consider it" if they could get enough signatures. It's a rather small district, up in North Western, Maine. I have better ways to waste my time - even if it means posting on Slashdot, then trying to change the juggernaut that is humanity. I am not that powerful and, as I said, the ones I want to hear - can't.

      So, I don't know... The missus and I discuss it nearly every day. I'm headed back to Maine in just a few more weeks. I'll miss my time in the Gulf but I'm missing Maine even more. I think the State ought to be a fair, just, balanced, and compassionate organization that is there for the benefit and not for the detriment. That's why I opted to run as a Senator.

      By the way, the band was horrible. Absolutely horrific and had no business being on stage. Separately, we weren't bad. Together, we kind of sucked. Though, once in a while, if the declination of the moon was right and the level of intoxication was just so - you could feel the music, and I do not mean the vibrations of the air via sound waves. All-in-all, I'm much happier that my life turned out the way it has.

      But, I fear the same problem will be there with politics. It's like the Law of Diminishing Returns. It's everywhere. Those you want to be able to listen, can't. Not much of what I have to say fits in a bunch of check-marks, bumper stickers, or in 140 characters or less. I learned that at a very young age. I don't have a middle name. I have four names, no hyphen in the middle, and thus I have no middle name but I do have two middle names. When you fill those forms out with your handy dandy #2 pencil, there's just no room on there for me. They have one slot for a middle initial and I don't have one - I have two. It was then that I realized that the check-boxes of life just don't seem to fit. Funny how it all turns out in the end.

      But, you can now say you've heard a politician (even if just an aspiring politician - who may decide to not run) say such things. I don't think most people want to hear it. It means that they've got to be accountable. It means that they're responsible. It means that they need to take action, accept risks, and live with the consequences of those choices. I'm not sure that I don't blame them. Life's easy when you're a coward.

      --
      "So long and thanks for all the fish."
  2. Of course by MightyMartian · · Score: 5, Interesting

    Of course the politicians involved are retards. They're just doing what the FBI and NSA are telling them to do. So far as these stunningly mindless halfwits are concerned, computers are magic bosses and those weirdo nerdy wizards should just do what they are told.

    Want better politicians, don't elect fucking morons.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. boneheads. write your own critters to kill this. by swschrad · · Score: 3, Informative

    there just isn't anything else to say. this is legislation in the ISIS category meant to hammer society back to 600 AD.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  4. Re:And that was when by BronsCon · · Score: 2

    Yup, this directly affects porn and that will get the masses moving.

    --
    APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  5. NSA = no such agency by zero_out · · Score: 2

    For those who didn't immediately make the connection, the words "no such agency" in the summary was a reference to the nickname for the NSA. It would have been better if they capitalized it as No Such Agency.

  6. Re:Of course it is - Feinstien by Anonymous Coward · · Score: 3, Funny

    To be fair, most knitting actually can be reverted to it's original state as long as you haven't cut it off the spool yet. So writing something similar about knitting would still technically be less asinine than this bill,a nd would mostly juts result in seaters coming with an attached ball of excess yarn you can't legally cut off.

  7. Goodbye stored passwords by CanadianMacFan · · Score: 4, Insightful

    An interesting comment on The Register pointed out that how the law is written it would ban the use of one way hashes to store passwords.

  8. I Wrote Her --Did You? by BrendaEM · · Score: 4, Insightful

    Please share your views here, too.
    http://www.feinstein.senate.go...

    --
    https://www.youtube.com/c/BrendaEM
  9. A question I keep asking that no one ever answers by itsownreward · · Score: 4, Insightful

    Suppose I use some third-party encryption that is made available anonymously or from another country, so there's no company to compel to reverse it. (Think TrueCrypt, or something from Schneier's Applied Cryptography.) Now suppose I plead the fifth and refuse to decrypt it. What then? We start blocking any site that hosts such a thing? Burn books on cryptography? Ban people from running compilers? Code escrow of all source with the NSA on pain of death?

    Sure, there's the obligatory XKCD wrench decryption, but otherwise... I'm not sure how this makes a lick of sense.

  10. So no more MP3s... by ddtmm · · Score: 4, Insightful

    If it bans any algorithm "that can't be decrypted on demand to their original state", that pretty cuts out MP3s, and pretty much every streaming audio and video service. Good luck with that...

    1. Re:So no more MP3s... by Obfuscant · · Score: 2

      If it bans any algorithm "that can't be decrypted on demand to their original state", that pretty cuts out MP3s,

      It talks about "intelligible information". E.g., the law requires that a recipient of a court order:

      provide such information or data to such government in an intelligible format; or

      MP3s can be made into intelligible information by a very very large number of programs and devices. You might even say that there are so many programs and devices that use MP3s that mp3 IS an intelligible format all by itself. And the same with streaming video, TV, etc that the other poster worries about. And the same for "file compression" as in the title.

      I'm sorry, but the worry that this law covers "lossy compression" is just a waste of time and is complete FUD.

  11. Compiling by HelpTheNewOverlord · · Score: 2, Interesting

    If lossy compression is affected, wouldn't compiling be affected too?

  12. Re:A question I keep asking that no one ever answe by snadrus · · Score: 3, Informative

    It's like the ban on exporting encryption software or source files which had the simple workaround of a bound book of source code being sent overseas to legitimately write compatible software.

    If passed, workarounds would be found.

    Worst-Case: Tech Industry leaves America for saner shores (it's not like these companies are all that patriotic).
    All to prevent fundamentalists from destroying America, well, wait what?

    --
    Science & open-source build trust from peer review. Learn systems you can trust.
  13. Not even the MOST braindead thing about it by Locke2005 · · Score: 4, Insightful

    Won't forcing all US-made encryption software to include backdoors simply force all encryption software developers overseas??? Any company that wants to remain in the US will have to contract it's encryption out to a non-US company. Thanks, DiFI, for sending my job offshore!

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
    1. Re:Not even the MOST braindead thing about it by delt0r · · Score: 2

      Read the PGP story. It is a great read. The classified encryption as a munition for some time in order to try and control it. It didn't work. One workaround the export restriction was to print all the source code and post it overseas where it was scaned/OCR/typed. The rest of the world doesn't have restrictions on encryption (then or yet).

      --
      If information wants to be free, why does my internet connection cost so much?
  14. Reaches into the past, too. by KeithIrwin · · Score: 4, Interesting

    In addition to requiring all encryption products in the future must have backdoors, it also requires that all encryption software from the past already have been backdoored unless you want to have to brute-force it in response to a court order to "render technical assistance".

    If passed, this would open up a novel new extortion attack where you intentionally use non-backdoored software to encrypt some data, thoroughly delete the unencrypted versions, create a lawsuit where that data is part of discovery, and then get your opponent in the lawsuit (who is conspiring with you) to ask the court to order the company which distributed the encryption tool to render the technical assistance needed to decrypt. Thus the company will be on the hook for the cost of all the needed electricity to run all the CPUs or GPUs to brute-force the encryption key, except that you conveniently offer that if they can help work out a settlement in the lawsuit (i.e. pay you or your conspirator), then maybe the lawsuit can be dropped, thus vacating the court order.

  15. How this law will work by jodido · · Score: 4, Insightful

    It doesn't matter what this law will say. What matters--and this is of course true of every law--is how it will be enforced. They don't care about MP3s or even cryptography as such. What they care about is being able to decrypt the communications they want to decrypt. It's much easier from their point of view to write an overly broad law even if it appears stupid because it's only the enforcement that counts, and they control the enforcement.

  16. NOT so innocent by axewolf · · Score: 4, Interesting

    What you are supposed to get out of this story:
    "HEHE Look how SILLY this law is!
    That silly old government [with the most educated people in the world filling its offices] keeps making silly dumb laws!
    If only we could get people who understood the ISSUES to make laws for us everything would be OK! OH WELLLLL"

    This is one of the oldest tricks in the book. Feigning ignorance to herd people into a viewpoint which is more sympathetic to the subject than the viewpoint of the truth: malicious intent against the viewer.

    This law is a power grab. There is nothing ignorant about it. This is pressure on an important area for the rich/high-class/corporate interest.

    Don't ever fall for this trick!
    Now the question is, why is this site and the referenced news agency helping with this deception? Surely a PROFESSIONAL would be aware of the possibility of this deception? Of course they are.
    So why are they helping?
    It couldn't be because the tangled interests essentially make the media interest and the corporate interest one body could it?
    No, that would be CONSPIRACY and would be very wrong indeed to think about!!!

  17. They do know what they are doing... by rezulir · · Score: 4, Insightful

    I think those who wrote this brain dead legislation know exactly what they are doing. There is just too damn much freedom on the internets.

  18. Re:A question I keep asking that no one ever answe by Dutch+Gun · · Score: 2

    What then? We already went through this a few decades ago when we declared strong encryption as a munition, subject to export restrictions. We're just now getting over the negative repercussions of that little debacle, so naturally, it's time to do the same thing all over again... except its even worse. This time we're denying ourselves strong encryption.

    Third party security software not subject to US laws will, of course, proliferate, and the only ones who will be harmed by this are those who actually deign to obey the stupid law. Anyone who has something to hide will just encrypt data at the application level, and there's *nothing* that can be done about that.

    --
    Irony: Agile development has too much intertia to be abandoned now.
  19. Burr is one of those too. by duckintheface · · Score: 5, Informative

    I've known Richard Burr since 1994. He was an appliance salesman who wanted to be in Congress. I was a campaign organizer for his opponent in that race. He has no understanding of tech issues which makes it all the more ridiculous that he is Chair of the Senate Intelligence Committee.

    Burr is doing this because he is up for re-election this November. His opponent in the race is Deborah Ross, an intelligent and hard working former member of the NC House of Representatives and former State Director of the North Carolina ACLU. If you really want to fix the Burr problem, consider making a donation to the Deborah Ross for Senate Campaign. https://secure.actblue.com/con...

    --
    "He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
    1. Re:Burr is one of those too. by aralin · · Score: 2

      Thank you for the link. I just contributed and I will vote for anyone who will run against Feinstein in primaries and general election. I've wrote to her saying that much.

      --
      If programs would be read like poetry, most programmers would be Vogons.
  20. Re:Riddle me this: by vux984 · · Score: 2

    "Ok, Richard Burr and Dianne Feinstein, explain to me how to insert a back door into a one-time pad encryption system"

    Easy, all OTP ciphers must be registered with the new created FBU run Decipher Unit Message Box service (aka DUMB); which will store the OTP key and provide a hash of the file. All ciphers transmitted must be prefixed with their hash.

    Companies can use this nice RESTFUL API to submit copies of the key to the DUMB service as it is generated; as compliance with the backdoor policies.

    " It is the only existing mathematically unbreakable encryption."

    Sure. Unbreakable by math; but backdoors are more about circumvention of security rather than actually breaking it.

  21. This is how it works by fustakrakich · · Score: 2

    Start with a sledgehammer, and file it down to a nice sharp edge. Eh, whatever, as long as we can spy on the state and take away its privacy, it won't matter. But let's all forget about ours. It's gone. But let's not forget that these are elected officials that want to impose this stuff. Y'know, in case you're interested in following the chain of events to its source.

    --
    “He’s not deformed, he’s just drunk!”
  22. Re:Submitted too soon by KozmoStevnNaut · · Score: 2

    Read up: https://en.wikipedia.org/wiki/...

    The political spectrum is not one-dimensional left/right, at the very least it's two-dimensional left/right and authoritarian/libertarian. And you should also read up on socialism and marxism in particular, and the end goal of the withering of the state, which is the complete opposite of statism. Realize that with welfare and perhaps even unconditional basic income (UBI) comes freedom from worrying about the future and your next meal. Freedom to be a completely free actor and not bound to an unfair employer.

    Pure collectivism and pure individualism are both deeply flawed. We need to realize that we are collectives of individuals, and that we can only achieve individual greatness if we work together.

    --
    Eat the rich.