Slashdot Mirror
FBI Director Says Prolific Default Encryption Hurting Government Spying Efforts (go.com)
SonicSpike quotes a report from ABC News: FBI Director James Comey warned again Tuesday about the bureau's inability to access digital devices because of encryption and said investigators were collecting information about the challenge in preparation for an "adult conversation" next year. Widespread encryption built into smartphones is "making more and more of the room that we are charged to investigate dark," Comey said in a cybersecurity symposium. The remarks reiterated points that Comey has made repeatedly in the last two years, before Congress and in other settings, about the growing collision between electronic privacy and national security. "The conversation we've been trying to have about this has dipped below public consciousness now, and that's fine," Comey said at a symposium organized by Symantec, a technology company. "Because what we want to do is collect information this year so that next year we can have an adult conversation in this country." The American people, he said, have a reasonable expectation of privacy in private spaces -- including houses, cars and electronic devices. But that right is not absolute when law enforcement has probable cause to believe that there's evidence of a crime in one of those places, including a laptop or smartphone. "With good reason, the people of the United States -- through judges and law enforcement -- can invade our private spaces," Comey said, adding that that "bargain" has been at the center of the country since its inception. He said it's not the role of the FBI or tech companies to tell the American people how to live and govern themselves. "We need to understand in the FBI how is this exactly affecting our work, and then share that with folks," Comey said, conceding the American people might ultimately decide that its privacy was more important than "that portion of the room being dark." Comey made his remarks to the 2016 Symantec Government Symposium. The Daily Dot has another take on Comey's remarks, which you can read here.
Did they learn nothing from the encryption wars of the 1990s?
Here's my take on that.
Fuck you. We're not your children . Stop treating us as if we were.
He keeps proving it.
Go fuck yourself, federal government.
When law enforcement agencies in the USA think "parallel construction" of the source of their evidence is acceptable or justifiable. Maybe if they hadn't be so underhanded and dirty in the first place, people might believe in them.
Um, Duh. You brought this on yourselves. If you didn't constantly overreach, I wouldn't feel as completed to encrypt all my communications.
You can't have an "adult" conversation with a child like Comey.
AC comments get piped to
The Feds were the ones that violated the "bargain".
Good.
> "With good reason, the people of the United States -- through judges and law enforcement -- can invade our private spaces," Comey said, adding that that "bargain" has been at the center of the country since its inception.
Yes, but for specific limited instances and after obtaining warrants for each case.
What Comey/The FBI are actually demanding is our freedom to use encryption be completely removed so that they can perform warrantless mass monitoring on a national scale.
Yes, Director, the room you're charged with exploring is dark. It's dark not just for you but for everyone. This include people who want to steal our identities or the contents of our bank accounts, who want to take personal pictures or conversations and broadcast them to the world without our consent, who want to perform corporate espionage, who want to see us to prey upon us and our children. Turning on the light may let you see, but you're outnumbered by the criminals in the darkness who are begging you to flip that switch so they too can see.
If you're willing to step it up and protect us from all those monsters in the dark, then tell us exactly how you plan to protect us and MAYBE we'll let you flip that switch. But somehow I don't think you want to commit the massive amount of resources that will be needed to protect us. If you don't, we want the light to stay off.
A few months ago I gave a copy of 1984 to a pretty smart friend of mine who I know otherwise seriously lacks in literacy and thinks he at least some what understands the implications of something like what this stories summary is offering but really doesn't. When I offered it I tried to explain that it is very timely and why. He cut me off while thumbing through it to say "That's a lot of words". He never read it and used it as kindling a couple of months later.
This is part of the problem. Extrapolate at will.
Brought to you by Carl's Junior.
The 4th amendment says
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized
That means if the FBI wants me decrypt any of my documents they can show my lawyer a search warrant otherwise they can FUCK OFF. If you want to fight these fuckers you, yes you, can start by teaching other people how to use strong encryption and why they should use it all the time. Yea,the NSA has monster facilities to break encryption but the cost of that is not zero. There are more of us then there are of them.
Another day closer to redwood heaven
If that's the best you've got, then you've got nothing.
The Feds got caught with their hands in the cookie jar. They instigated all of this. They have no standing to whine about it.
Part of being "grown up" is owning your mistakes.
A Pirate and a Puritan look the same on a balance sheet.
""Because what we want to do is collect information this year so that next year we can have an adult conversation in this country."
But we are already having that conversation:
We as adults, don't want you to spy on us and we'll do everything we'll have to reach that goal, even if we have to import our gadgets from one of the other 194 countries, where they don't give a fuck about your reasons.
You, OTOH are throwing a tantrum like a brat that has to do the bed himself for the first time in his life.
Exactly. If I and millions of other people want to use encryption, it's not up to the FBI to tell me not to do so.
This guy will never admit it, but the fault lies with the past and continuing attitudes towards data gathering in the NSA and FBI. Massive overreach (as documented by Snowden) led to an accelerated implementation of encryption.
Comey: grow a pair and admit that it is your own fault.
The real "Libtards" are the Libertarians!
So his views are the 'adult' views and anyone with critical views of that is a child?
You can still follow the "bad guys", plant bugs with court authorization, use GPS trackers with court authorization, all the old school techniques are available to you. You just can't use our own devices against us. Why is that so hard to understand? Stop acting like a petulant child.
Comey seems to think he's the adult in the conversation.
Non sequitur: Your facts are uncoordinated.
I understand what he's saying and agree that encryption makes it hard for the FBI. The problem is that every time the FBI gets a new power, they have a long and storied history of abusing that power. The FBI (and government in general) abusing the constitutional rights of citizens is the main reason I support strong encryption for everyone. Criminals and terrorists don't scare me, the FBI does.
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
So the FBI wants people to cooperate with them, to use weak encryption so they can unlock data when they need to. OK. Who is going to do that? Let's say law-abiding people will cooperate. What compels criminals to cooperate? What compels non-Americans to cooperate? What prevents people from use their own additional encryption, like putting a 2nd lock on your door? What prevents people from obfuscating their data? Here's the key, see, it's a Rick Astley video.
He basically wants the right to secretly dig a tunnel under your home, sneak in while you're not there, steal whatever they want, and leave without anyone knowing it. Except in your phone.
Even worse: he want the tunnels being pre-dug (= "backdoors").
You know how in Switzerland every house has a mandatory under-ground shelter ?
What he wants is every single house in the USA having a mandatory underground tunnel that leads to a nearby police station. A *secret* tunnel that you're forbidden to know about when you buy your house.
That's what an encryption backdoor is the equivalent of : a mandatory secret back-door built in every house in the USA.
And with the automation and international connection that is available on the internet, the real-world situation is even worse than this putative mandatory tunnel.
(Now the metaphor is getting a bit harder...)
It would be as if the police station had an nearly infinite amount of low-ranking police personal that could devote their entire time to travel the tunnel each day, sneak into your house every single day, and take a picture of you naked in your shower. And not only you personnally, but though every tunnel, available in every single home built on US soil under US building code. Each fucking day.
But said local police station lacks trained and experienced detective to do anything useful out of the photos/objects/proofs brought back from by the agents.
And meanwhile, all the people living outside of the USA are completely immune to it because their local building code either don't mandate the tunnel (and thus, the US police agents can't even use this tunnel network to peak into the homes of ISIS terrorists, although that was the main selling point of the tunnel network when it was voted in)
Or mandate an entirely different type of tunnel that the US police has never heard off (and leaves some part of the US population at risk, because they buy and install a port-a-potty from China, and never realise that these come with tunnels leading directly into their chinese secret police).
All the while the Russia mafia has trained an incredibly huge army of burglars to roam the US (and Chinese) networks of secret tunnels, stealing as much as possible from every house they happen to reach. And even sometimes using your own house as a base of operation to commit crimes while you're away for work. (botnets).
At the end of the operation, maybe 1 single terrorist happens to get caught due to random chance. And maybe due to the fact that he was bragging that he is a terrorist the whole day in the middle of the street ( = wasn't even using encryption at all. Just plain text SMS.)
At the same time there will be millions of damage due to stolen property through the tunnels network.
( = just have a look at the massive data leaks that you have *today* when hacker still go through the long round about route of actually hacking into servers. Now think how much more damage would be done when the hack don't actually even bother to hack, but just leverage the backdoors that are mandated by the various governments)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
When law enforcement agencies in the USA think "parallel construction" of the source of their evidence is acceptable or justifiable. Maybe if they hadn't be so underhanded and dirty in the first place, people might believe in them.
This is a third of the problem, and the third they really don't understand. I don't believe there's even been an apology for mass surveillance, just rationalizations and more-of-the-same and parlor tricks like pretending it was meaningfully helpful to make the telcos rather than the government maintain surveillance databases.
There is also the tech problem. If the encryption is breakable because your friends have a secret key, your enemies are going to make that secret key their #1 priority. If you share that secret key with your friends at the NSA, now your enemies have at least two places they can try to social engineer, crack, etc... that secret key from.
And then there is the legal problem, where it is hard to have effective legal accountability for law enforcement under any conditions, but it's harder still when dealing with secret government actions and mass warrants.
Real lawyers write in C++
We, the people, have already had an adult conversation.
You were not invited, Mr. Comey, as you did not meet the criteria.
In that conversation, we decided it best to encrypt our communications.
Maybe if you behave yourself, you will be invited to the next adult conversation.
This signature is false.
Parallel construction, aka "a conveniently timed and helpful anonymous tip"
Another thing encryption helps with: making it harder to plant evidence on digital devices...
Yeah... I'm in the "go f*** yourself" camp on this one.
The "adult conversation" the FBI says it's planning is a call for criminalization of any encryption that the FBI can't break. They want a back door and if you won't give it to them, they will put you in jail. Or use the powers of the NDAA to hold you without trial or "rendition" you to a country like Egypt where you can be tortured without anyone noticing.
This is an FBI which not only has broken the law regarding surveillance of US citizens, but then lied about it to Congress. The FBI may be correct that some terrorists will succeed because their communications are encrypted. That is better than living under an FBI shadow government that thinks it is above the law. We don't have to speculate about the intent of the FBI. We already know they broke the law and lied to Congress. And still have not been prosecuted for it.
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
Doors with locks.
Envelopes that aren't resealable.
The Fourth and Fifth Amendments.
All those things "hurt" government's ability to watch its citizens.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Even if I trusted the FBI to only use the information for the public good and in accordance with the law, I don't trust their ability to secure the information. Whatever mechanism is provided to the FBI to access secured data risks being transferred to some non-trusted party.
One the most important lessons from Snowdon was that even the NSA cannot protect its own secrets. How can I possibly be convinced that the FBI will be able to do so? Will Llooyds insure them for say $1T against a data breech? Or how about in the event of a breech, the directory and the top 1000 managers are executed (regardless of their personal guilt)? Are they *that* sure? If they aren't that sure, then I'm not sure enough to trust them. Imagine the damage that could be done by a person or government with access to virtually all information in the US .
is so full of shit, it's coming out of their ears.
Their constant whining about crypto is merely a distraction. They don't need to break the crypto when they can just install the malware to steal your keys.
They don't need it when they can just jail you indefinitely for failing to provide the keys on demand.
They want everyone to THINK they can't get into it, when reality is quite different.
It's akin to putting a high security vault door on your house. Seems pretty safe until you notice the windows. Then the door becomes irrelevant.
The NSA has shown us that NOTHING that is network connected can be trusted. Period.
If they're not sitting on a trove of zero-days, then someone else IS. The attack surface is just too big to effectively secure. Too many ways in.
You want to keep something a secret you would be better off going back to old school methods. With their fingers in everything, I just don't trust the tech enough to utilize it for anything I want to keep secure.
I promise I'll give up my password when I get a warrant and verify it with my lawyer.
The only reasons for backdoors are to violate the 4th amendment with mass surveillance or for ephemeral keys that get destroyed like an encrypted chat or phone call but they should not have been recorded without a warrant in the first place.
and stop using corporate-vendor encryption - it's too good and we can't spy on it.
-- FBI Agent Brer Rabbit
The best possible permutation is where criminals are in total darkness, while the most incorruptible members of law enforcement, after obtaining a legitimate warrant, are in a brightly-lit room.
Even assuming you could find such a paragon of virtue to trust with everyone's secrets, which I highly doubt—and which is not your call to make—this has been tried. Many times. It simply does not work. If there is a back door into everyone's encrypted data, it will be available not only to these impractically idealized members of law enforcement for the objectively reasonable and impartial enforcement of universally agreed-upon laws, but also to criminals and others with less noble intentions. It's much the same problem as a large conspiracy: the more people that have access, the easier it for the back door to fall into the "wrong" hands; and a back door you can never use for reasons of security might as well not exist. It will get used, frequently, and it will leak, and when it does it will put everyone's private data in jeopardy. (Except for the real criminals, of course, who took care to speak in their own private code and/or encrypt all their data with an unbreakable and trivial-to-implement one-time pad—which won't be discovered until after the warrant has been issued to decrypt the files with the government's master key.)
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
Something like that could be a viable option. They've been building their infrastructure to drink from the firehose, so let's give them Niagara instead.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Making Americans more vulnerable to foreign and domestic hackers does not make us safer.
Just because the FBI could also potentially use those same hacking tools against criminals and terrorists doesn't make it a good idea to make the rest of us vulnerable.
Like ordering people to leave their doors open at night in case the FBI needs to check on something.