Slashdot Mirror
US Anti-Encryption Law Is So 'Braindead' It Will Outlaw File Compression (theregister.co.uk)
An anonymous reader writes: The bill released Thursday by Senators Richard Burr and Dianne Feinstein to force U.S. companies to build backdoors into their encryption systems has been further dissected by experts. In less than 24 hours after the Court Orders Act of 2016 draft was released, 43,000 signatures have been added to a petition calling for the bill to be withdrawn. Bruce Schneier, the writer of the books on modern cryptography, said the bill would make most of what the NSA does illegal, unless no such agency is willing to backdoor its own encrypted communications. "This is the most braindead piece of legislation I've ever seen," Schneier told The Register. "The person who wrote this either has no idea how technology works or just doesn't care." Schneier says cryptographic code will be affected by this legislation, as well as "lossy compression algorithms" that are used to reduce the size of images for sending through email, which won't work in reverse and add back the data removed. Files that can't be decrypted on demand to their original state, and files that can't be decompressed back to their exact originals, all look the same to this draft now. He said even deleted data could be covered in this legislation.
Of course the politicians involved are retards. They're just doing what the FBI and NSA are telling them to do. So far as these stunningly mindless halfwits are concerned, computers are magic bosses and those weirdo nerdy wizards should just do what they are told.
Want better politicians, don't elect fucking morons.
The world's burning. Moped Jesus spotted on I50. Details at 11.
I guess the question is this:
Does this surprise anyone, anyone at all? Is anyone gasping because they're shocked that such would be proposed? Anyone? Anyone?
No... Me either...
*sighs* I tell you what, it's seriously reaching the point where we the people need to remind the government who is in charge. No, I am not advocating violence. Yes, I am advocating forcing them to listen.
However, on the subject of violence... The government should fear the citizens, not the other way around. Fear, having a meaning akin to respect as well as what one might normally define it as.
See definition 4 here:
http://www.thefreedictionary.c...
Of course, if need be, the other definitions work.
"So long and thanks for all the fish."
An interesting comment on The Register pointed out that how the law is written it would ban the use of one way hashes to store passwords.
Please share your views here, too.
http://www.feinstein.senate.go...
https://www.youtube.com/c/BrendaEM
Suppose I use some third-party encryption that is made available anonymously or from another country, so there's no company to compel to reverse it. (Think TrueCrypt, or something from Schneier's Applied Cryptography.) Now suppose I plead the fifth and refuse to decrypt it. What then? We start blocking any site that hosts such a thing? Burn books on cryptography? Ban people from running compilers? Code escrow of all source with the NSA on pain of death?
Sure, there's the obligatory XKCD wrench decryption, but otherwise... I'm not sure how this makes a lick of sense.
If it bans any algorithm "that can't be decrypted on demand to their original state", that pretty cuts out MP3s, and pretty much every streaming audio and video service. Good luck with that...
If that's what you want, you need to attack the places the politicians care about - their wallet and their power, and that means impeachment. But in the present system, politicians don't fear impeachment because it's such a convoluted process -- it doesn't happen much. What I propose is a process for direct impeachment, where every quarter constituents can vote to impeach or not. Perhaps semi-annually. It's like a job performance review -- they work for us so we should be able to fire them at any time if we think they are doing their job poorly. The reason these people remain in office is because the terms are so long, by the time re-elections are due, everyone has forgotten about the past 2-4 years of shenanigans. We need to close that loop, and get the people directly involved, on short timeframes. The colossal amount of fail happening in the government right now is truly embarrassing. We need to make it easier for the people to remove bad leaders. If we can't have direct democracy, I think direct impeachment is a good alternative.
Won't forcing all US-made encryption software to include backdoors simply force all encryption software developers overseas??? Any company that wants to remain in the US will have to contract it's encryption out to a non-US company. Thanks, DiFI, for sending my job offshore!
I've abandoned my search for truth; now I'm just looking for some useful delusions.
In addition to requiring all encryption products in the future must have backdoors, it also requires that all encryption software from the past already have been backdoored unless you want to have to brute-force it in response to a court order to "render technical assistance".
If passed, this would open up a novel new extortion attack where you intentionally use non-backdoored software to encrypt some data, thoroughly delete the unencrypted versions, create a lawsuit where that data is part of discovery, and then get your opponent in the lawsuit (who is conspiring with you) to ask the court to order the company which distributed the encryption tool to render the technical assistance needed to decrypt. Thus the company will be on the hook for the cost of all the needed electricity to run all the CPUs or GPUs to brute-force the encryption key, except that you conveniently offer that if they can help work out a settlement in the lawsuit (i.e. pay you or your conspirator), then maybe the lawsuit can be dropped, thus vacating the court order.
It doesn't matter what this law will say. What matters--and this is of course true of every law--is how it will be enforced. They don't care about MP3s or even cryptography as such. What they care about is being able to decrypt the communications they want to decrypt. It's much easier from their point of view to write an overly broad law even if it appears stupid because it's only the enforcement that counts, and they control the enforcement.
What you are supposed to get out of this story:
"HEHE Look how SILLY this law is!
That silly old government [with the most educated people in the world filling its offices] keeps making silly dumb laws!
If only we could get people who understood the ISSUES to make laws for us everything would be OK! OH WELLLLL"
This is one of the oldest tricks in the book. Feigning ignorance to herd people into a viewpoint which is more sympathetic to the subject than the viewpoint of the truth: malicious intent against the viewer.
This law is a power grab. There is nothing ignorant about it. This is pressure on an important area for the rich/high-class/corporate interest.
Don't ever fall for this trick!
Now the question is, why is this site and the referenced news agency helping with this deception? Surely a PROFESSIONAL would be aware of the possibility of this deception? Of course they are.
So why are they helping?
It couldn't be because the tangled interests essentially make the media interest and the corporate interest one body could it?
No, that would be CONSPIRACY and would be very wrong indeed to think about!!!
I think those who wrote this brain dead legislation know exactly what they are doing. There is just too damn much freedom on the internets.
I've known Richard Burr since 1994. He was an appliance salesman who wanted to be in Congress. I was a campaign organizer for his opponent in that race. He has no understanding of tech issues which makes it all the more ridiculous that he is Chair of the Senate Intelligence Committee.
Burr is doing this because he is up for re-election this November. His opponent in the race is Deborah Ross, an intelligent and hard working former member of the NC House of Representatives and former State Director of the North Carolina ACLU. If you really want to fix the Burr problem, consider making a donation to the Deborah Ross for Senate Campaign. https://secure.actblue.com/con...
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
Oh, I've already listed the best way that I can think of to get their attention and it's a bit long to write it out again. However, it's easy enough to do. What we need, in order to do it, is solidarity. That's what we, the citizens, lack. We're too busy fighting over who is what color, who is getting what for privilege, who has what politics, who has sex with who, who believes in this, and who believes in that. We call each other hillbillies, rednecks, fagots, and thugs. We berate someone for wearing a Confederate Flag or for wearing a Rainbow Flag. We're rooting for Trump and Clinton.
In other words, they've happily sat back and watched us squabble over the scraps while they continue eating their 12 course meal at the adult table. What we lack is the ability to stop pissing and moaning about the differences between us. What we lack is the motivation to pay attention to the many things we all have in common. We have no solidarity.
We have no unity (unless we have Ubuntu). We argue over operating systems, programming languages, politically correct pronouns, text editors, who shot first, grammar, and more. We hate anyone who has more than us and are sure they stole it, else they wouldn't have it. Either way, they don't deserve it. The people below us, financially, you either view them as incompetent and needing to be carried or needing to be left behind.
You don't see a human when you read my posts. You see an idea, you see a picture, you see a caricature. You either hate it or you like it but you don't bother to think about the things you and I have in common. You want to be right. You want to win, win what? You want to win the internet points? You want the last word? You want to be the King Shit on Turd Island? Well, that's what you've got.
And it might not even be your fault. You might be just peachy and perfect and willing to sacrifice for the greater good. That's quite possible but, really, if you are then you're no in the majority. The majority wants more and mine. The majority wants control and only views things in their own binary fashion. The majority isn't concerned about your problems because your problems aren't their problems. They don't even notice the disconnect when they finally have their problems and not a hand is raised to help them.
Then, accountability? We can not have that. Make a post suggesting someone have some personal accountability. Suggest that people be responsible. Note the remarks you get - just here, on this site, a site full of some of the smartest people on the 'net. You don't get solidarity without accountability. You don't get accountability without compassion. You don't get compassion without unity (unless you install it with apt-get).
No, we need solidarity. If you can tell me how to get solidarity, I will tell you how to rule the world.
"So long and thanks for all the fish."
If that's what you want, you need to attack the places the politicians care about - their wallet and their power, and that means impeachment. But in the present system, politicians don't fear impeachment because it's such a convoluted process -- it doesn't happen much. What I propose is a process for direct impeachment, where every quarter constituents can vote to impeach or not. Perhaps semi-annually. It's like a job performance review -- they work for us so we should be able to fire them at any time if we think they are doing their job poorly. The reason these people remain in office is because the terms are so long, by the time re-elections are due, everyone has forgotten about the past 2-4 years of shenanigans. We need to close that loop, and get the people directly involved, on short timeframes. The colossal amount of fail happening in the government right now is truly embarrassing. We need to make it easier for the people to remove bad leaders. If we can't have direct democracy, I think direct impeachment is a good alternative.
There are plenty of issues with the US electoral system that need remedies, but 2-, 4-, and 6-year terms being too long is not one of them.
Let's review:
While not all the above are under direct control by voters, the first one certainly is, and fixing it is necessary to address any of the others.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."