Slashdot Mirror
FBI Again Calls For Magical Solution To Break Into Encrypted Phones (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: FBI Director Christopher Wray again has called for a solution to what the bureau calls the "Going Dark" problem, the idea that the prevalence of default strong encryption on digital devices makes it more difficult for law enforcement to extract data during an investigation. However, in a Wednesday speech at Boston College, Wray again did not outline any specific piece of legislation or technical solution that would provide both strong encryption and allow the government to access encrypted devices when it has a warrant. A key escrow system, with which the FBI or another entity would be able to unlock a device given a certain set of circumstances, is by definition weaker than what cryptographers would traditionally call "strong encryption." There's also the problem of how to compel device and software makers to impose such a system on their customers -- similar efforts were attempted during the Clinton administration, but they failed. A consensus of technical experts has said that what the FBI has asked for is impossible. "I recognize this entails varying degrees of innovation by the industry to ensure lawful access is available," Wray said Wednesday. "But I just don't buy the claim that it's impossible. Let me be clear: the FBI supports information security measures, including strong encryption. Actually, the FBI is on the front line fighting cyber crime and economic espionage. But information security programs need to be thoughtfully designed so they don't undermine the lawful tools we need to keep the American people safe."
FBI mouthpiece is a fucking idiot. Jesus Christ, why is listening to people who clearly know better than them so goddammed difficult?
If you believe in privacy, and believe you have "nothing to hide" at the same time, you're a goddammed idiot
I'd like a magical pony. I know magic doesn't exist, but that shouldn't mean I can't get a magical pony.
#DeleteChrome
There is no security when a backdoor exists. Once it is known, everyone will work to get in, and you wont find out it was cracked until it has been heavily exploited.
But it turns out that a $5 wrench turns out to be as good as key escrow.
Anytime someone says they support strong encryption but want to be able to bypass whenever they have the need, my head wants to explode. Any bypass, back door or master key, no matter how well designed, perfectly implemented, or zealously protected, fundamentally weakens the encryption they claim to support. If a way around the encryption exists, someone will find and exploit it. Pure and simple.
I'm all for law enforcement being able to do their job. But I'm also all for strong encryption - my job in information security depends on it, and the sensitive information of millions of people would be at risk without it. Encryption is a tool, like a hammer: people with bad intent can use it to build harm as well as upstanding citizens can use it to build good. I'm sorry, but law enforcement needs to find another way to get to those nails, rather than make hammers defective for everyone.
But information security programs need to be thoughtfully designed so they don't undermine the lawful tools we need to keep the American people safe.
So here's what the industry should do...
Yes, you can use strong encryption on your phones. You then provide a super-convenient way for your customers to unlock their phones via biometrics. Then you convince the courts that, while they can't compel you to give up your password, there's nothing wrong with forcing people to unlock their phone with their fingerprints, face, etc.
There. Problem solved. You still have strong encryption but the government can compel you to use your fingerprint to unlock your phone.
The FBI was watching the 9/11 attackers to see what they would do. The FBI was warned by Russia about the Boston marathon bomber. FBI was given tips about Florida school shooter.
Yeah, FBI, keeping America safe.....keeping the government safe from its citizens anyway.
... for TSA luggage locks. I can pick up a set of luggage lock keys from Alibaba for $5. Sure feel like my luggage is secure knowing any joker can get the key to open my luggage, even if the TSA agent himself doesn't steal things from it.
Oh so they want full trust do they? Well, if they want us to trust them - trust by the way, that they have repeatedly proven that they have not earned or deserve - then there must be these conditions in cases of violation...
If any individual in that organization violates any of the rules set out to protect people's privacy, in any way, shape or form, either directly or indirectly, then they must, must be punished!
And I do mean punished. They should be terminated from their position - immediately - without pay. They forfeit any severance. They forfeit their retirement fund. They forfeit any future government employment in any level of government. They forfeit their current life savings. They forfeit their house. Basically, do the whole 'asset forfeiture' stuff to them.
And let's not just stop at that individual. Their entire department/division should also be investigated. Everyone in it should be interrogated. Their families too. Any found complicit should suffer the same punishment. That'll keep everyone on their toes, making sure others aren't violating the rules, avoid them protecting each other or higher ups under some code of silence, or try to frame just the one individual to avoid getting caught.
Basically, they should be treated just as they've treated past whistleblowers. Anything less means they really just get carte blanche to violate the rules at their leisure.
Any why no due process? Simple: if they break the rules, they can't be trusted - the very basic thing they're demanding. It's their job not to break the rules. Don't do the job, get fired! Break the rule, get punished!
If I tell you "don't push that button" then you turn around and push it, it's the same thing: Your job was to not push the button. It required no effort to not push the button!! You couldn't follow the basic rule; in fact, you deliberately went out of your way to break it. If you do push the button, you can't be trusted. Why should I trust you if you can't follow the rule?
AC comments get piped to
"But information security programs need to be thoughtfully designed so they don't undermine the lawful tools we need to keep the American people safe." Which one is it? you want our transactions to be safe and our information secure, or you want to argue some point about having access to data to keep us safe? On the second point, who feels "safe" when the government, or anyone else with the same tools, can get into our private systems at any time? We already have mass surveillance, yet, we still have terrorism, and crime.
FBI = Fat, Bald & Ignorant
Actually, the FBI is on the front line fighting cyber crime and economic espionage
So it looks like a US agency has finally decided to take responsibility for our nation's information security disaster!!!
Simple fix. Tariffs. It will solve the encryption imbalance and make phones great again
Be Excellent To Each Other
Phones and tablets synchronize everything to the cloud. Why can't they use the existing warrant system to get the data they need from cloud providers (albeit still encrypted, but they can attack that offline), or are Apple/Google/Microsoft hosting everything in Ireland now with a big FU to the USG?
Why in the FUCK do you assume every single person and device synchronizes "everything" to the cloud?
Those who wish to maintain privacy do not fucking use cloud services. So no, it is not "everything" or everyone.
Ok, fine. Don't believe it.
But if you're honest, you'll definitely recognize that everyone else believes it. Apparently you're the one smart person in America, and you're surrounded by fools and so-called "experts" who lack your insight.
Now prove everyone else wrong, inventor Christopher Wray.
"Believe me!" -- Donald Trump
If you want a pretty decent example of this, look at the encryption methods used in such things as DirecTV or Dish Network receivers. For many years,the "smartcards" containing your authorized programming were hacked in a cat and mouse game. You had to buy this programmer devices or that piece of PC software to keep up with it, but it was absolutely possible to unlock those things so you had all the programming without paying (or with just paying for a bare minimum subscription to keep something flagged as an active account).
Then, both of them discontinued their existing card technology and rolled out mandatory upgrades, and the hole was effectively sealed. Nobody I'm aware is really hacking these things anymore, in any big commercial way?
As I understand it, many of the previous hacks were really the result of leaks.... Someone was paid off to reveal a way to access the card and modify it.
That's always going to be the "weak spot" ... having such a hole that you're aware of and leave in there for internal use. If you give keys to a "trusted third party" like the FBI -- same problem only amplified because now the info exists both with the manufacturer AND the agency holding the keys. Twice as likely it will get leaked out by somebody, somewhere.
The 3rd key would effectively be a "backdoor" and cause the encryption to be weaker. Especially if the government holds the 3rd key, and it's the same for all encrypted devices. What if the government made a new 3rd key for each unique device? Where would they store the multiple exabytes of keys? How would they secure that data? (Insert "Yo Dawg I heard you like to encrypt" joke here) How does anyone know the government keys aren't manipulated, who watches the watchers? Is a 3 key system any less weak? No, not really.
It's a very simple idea: if the government is given a way to circumvent encryption, then malicious hackers are also given that way. You can't have your cake and eat it too. Hey FBI, stop asking already, the answer is permanently No.
This sounds great! Another single database that once cracked makes it easier for bad actors to crack the security. Sorry, I don't mean to be snarky, but it is a mathematical impossibility to have any means available of recovering a key, implementing a back door, or using any kind of key escrow, without an increase in the odds of breaking a security scheme. And while the argument of law enforcement is valid in principle, our financial transaction system absolutely relies on security and non-repudiation. The FBI isn't wrong to wish for a thing, but this guy is only a couple of steps away from not buying "2+2=4".
The FBI would never lie or abuse their power....
5 out of 6 people enjoy Russian Roulette & 6 out of 7 Dwarfs are not Happy
ship these guys a few kilograms of good quality Cocaine. It seems clear that they are starting to be able to talk after the last lot, but are not yet making sense. It is probably simpler and more effective for everyone if we just push them back into their drug induced addled fantasy world that to try to sober them up and break the bad new that what the rocks told them just is not true.
That way: they'll be happy and we'll all be happy!
This has nothing to do with encryption. It has little to do with Law and Order. It has to do with CONTROL. Let's face the facts: The vast majority of law enforcement, whether they admit it to even themselves or not, are in it because they want CONTROL of as many people around them as possible, and law enforcement careers give them that. They could investigate crimes and enforce the law regardless of encyption, but the fact that they can't CONTROL companies like Apple and force them to do as they are told, when they are told, without question makes them so angry that I'm sure they think about just putting a gun to Tim Cook's head and threaten to blow his head off unless he knuckles under and does as he is told to do. Surprise, surprise: many of our politicians aren't much better! They get into politics because they want power, and being an elected congressperson gives them that. They may not carry guns, but they still wield power, and in their anus-clenched-so-hard-they-could-make-diamonds obsessive-compulsive ultra-A-type personalities, they can't tolerate not knowing everything about everyone, immediately, without delay or reason why. So we have what we've got here today: a bunch of thugs with badges and guns, and a bunch of elected old farts who shuffle papers and make back-alley deals, and they all want to sift through your underwear drawer when you're not home. Naturally, they all need to be told to fuck the fuck off, not yours, you can't have it -- and they need to continue to be told that, ad infinitum.
... safe from what? Personally, I feel less of a threat from hackers or businesses (they track everything I do, but they only want my wallet) than from government agencies that want TOTAL control.
If you design a flawed lock, with many keys, developers will design a better lock. This problem will never be solved because there will always be groups who don't and won't allow others into their data. Even if the government passes laws requiring flawed locks, not all developers will listen. I'd rather give my device up, then allow law enforcement in, without the right to total privacy, you may as well have non at all.
I have been hearing Liberals and Progressives telling me for 2 weeks non-stop how the US Constitution only gives me the right to use whatever tools were in existence at the time it was written (or amended). Personal computing devices most certainly did not exist in the early 1790s when the amendments known as the Bill of Rights were adopted so they cannot possibly be covered by the 4th Amendment anymore than television and radio are covered by the 1st Amendment.
Don't like it? Then get of the Leftist bandwagon trying to completely ignore one-tenth of the Bill of Rights and stop promoting false ideas about what rights we have.
If you support a string of lies against one right, those same lies will be used against your interests in regards to other rights.
single point of failure - the manufacture code to generate said unlock key. no better than nay other key escrow system - one leak and everyone's got no security.
-------
1. Enjoy your job
2. Make lots of money
3. Work within the law
Choose any two.
According to the news lately, there seems to be no shortage of private firms who are willing to do this work for them.
But, this probably isn't about ' criminal ' phones is it ? They want the ability to get into any phone on demand. Having another firm do it for you creates all that nasty paperwork that can come back to haunt you later.
If they can do it in house, then they really don't don't need to ask permission.
As a lead cryptographic security engineer on the world's largest operating system, I think I have pretty clear visibility into the problems and potential solutions... and the truth is that while there's no information-theoretic reason why a law-enforcement access system couldn't be built while keeping the systems secure from everyone else, I have zero confidence in the industry's ability to do it in the foreseeable future.
The truth is that we have not been able to build truly strong security into consumer devices yet. We're getting closer. The work that Apple has done is excellent, and I think the Pixel 2 is even better, but the fact is that devices still get popped with monotonous regularity. The most we've been able to achieve so far is to raise the cost of extracting data from them, as the FBI found out when they were able to pay for the extraction of the data on the San Bernardino shooter's phone.
The FBI is asking industry to "innovate" in the same way that NASA might ask SpaceX to innovate by producing a fully reusable direct-to-Mars-and-back passenger spacecraft. Sure, there's no reason it's physically impossible, but we're quite some distance from being able to get live people to Mars at all. The FBI wants to build a secure back door while we're still working out how to make sure the hinges are mounted on the inside of the front door and the lock isn't easily pickable.
All of this, of course, is addressing the question of technical feasibility. A separate, and perhaps even more important, question is whether or not it should be done even if it could, and what sorts of protections it would require. Mobile devices are repositories of far more personal information than any other single, non-living source has ever been. I think something more than a simple search warrant should be required -- again, assuming it were even possible.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
But I just don't buy the claim that it's impossible.
Guess what? Math works whether you buy into it or not, bitch.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Hmm, I won't get into that argument. Who knows. Definitely a 4th amendment issue.
Go fish.
It is. When something is public key encrypted, what actually happens is a symmetric cypher is uesd and then that key is encrypted by the public key and stored somewhere. You just encrypt another copy of the symmetric key with a different public key and store it.
BUT you have just severely compromised the safety of your data. There now exists an extremely valuable master key that can unlock every phone in America. Being kept safe by the same people who leaked a top secret bag of hacking tools to the world and had at least one of them incorporated into a cryptolocker style virus.
Would you give the local sheriff a copy of your house key if you and the whole county knew he'd keep it in an old shack on an abandoned property with no guard along with everybody else's house keys?
And even if it did... That's a pretty epically big prize waiting for the entity that manages it. Actually..... This leads to another thought. Ignoring the damage that it would do to confidence in X, Y and Z system (I really need this to be ignored for this to seem worthwhile :P)
Getting major manufacturers onboard with CLAIMING that this exists.
Then watch the real world attacks reduce substantially as massive amounts of resources are put towards trying to get something that doesn't exist.
AC re "one sent to the authorities" That would be a legal trap door, back door.
... "..more than 5,000 persons' phones were tapped"
When lots of different people have that 3rd key to use, copy and share the nation wide results fro privacy get interesting.
The mil and security services copy and share that third key. Ex and former staff use the their key. Other nations, groups, criminals get the third key thanks to trusted staff having split loyalties.
SISMI-Telecom scandal https://en.wikipedia.org/wiki/... "illegal domestic surveillance program"
Greek wiretapping case 2004–05 https://en.wikipedia.org/wiki/...–05 illegal tapping of more than 100 mobile phones
Domestic spying is now "Benign Information Gathering"
Sessions, the AG, has until Thursday to answer if the rules for obtaining FISA warrants have been changed since Congress passed them (they haven't). If they are following the currently passed rules, multiple people at the FBI and DOJ have broken 5 specific laws in obtaining FISA warrant...
All FISA warrants are illegal. Due process can not be conducted in secret.
Overwriting it once is good enough. There's no evidence that anyone has ever pulled off an real-world attack such as Gutmann described, and the people who have tried this under ideal situations (very old drive, never previously written, target data was the only thing on the drive, overwritten once) only managed to recover a few characters. In this century, recovering overwritten data is impossible, and the odds are that it was never practical to begin with.
Those who advocate genocide deserve every protection afforded by law, and none afforded by common human decency.
Have gnu, will travel.
Let me be clear: the FBI supports information security measures, including strong encryption. Actually, the FBI is on the front line fighting cyber crime and economic espionage. But information security programs need to be thoughtfully designed so they don't undermine the lawful tools we need to keep the American people safe. --Christopher Wray
Translation from FBIese: We would like you all to use very secure encryption that no one can break into except for us
I have 0 doubts that they sincerely want this.
Nerd Harder!
Why can't we go back to using jumpers to configure slot adapter cards? Why? I say!
Imagine I want to tell Travelsonic something secret. I don't have his email address or any other way to contact him other than posting here, for all to see. My desire is to post openly, where everyone can read it, but only Travelsonic can tell what it means. We have no means of agreeing on a secret password or anything.
Cryptography experts tells us that's impossible. Or was impossible, until Diffie and Hellman figured out a very clever way to do it. Diffie-Hellman key exchange is now used all the time, of course. It's a brilliant solution to a problem that seemed impossible for many years.
Therefore I don't think it's unreasonable to say "I understand we don't have any way to X, but it's possible that some clever innovation can somehow achieve this goal, something nobody had thought of yet.". In his remarks he acknowledged that there is not a solution, currently. He said he's not proposing any law or regulation, because there isn't any law that could make sense right now. He's right, most any such law that could be passed today would be bad.
In fact, I happen to know of some innovative ideas that partially solve the need. It's possible to do encryption in such a way that you can't read the message, but you can check if the message has certain strings in it. You can build a chip that, without revealing some fact , cryptographically proves that the fact is stored in the chip.
Simple salted hashing of text and call message numbers makes it impossible to know who someone called, yet still possible to answer whether they called one specific number. So the FBI could find out whether a suspect called Muhammad Atta, without being able to tell who else they called. This isn't super-advanced technology - every web site that has password login uses salted hashes, or should be using them.
I'm fact saving only the salted hash of the numbers you call and text would be MORE SECURE than what your phone does today.
This guy may, five years from now, propose something stupid. If so I'll oppose it. I don't see expressing a desire to consider what innovative solutions might solve certain needs, with a search warrant, as stupid. Such a search might have some uninformed people making dumb proposals, but he made none in this case.
Apple has the signing certificates. Apple has complete control. Apple is advertising the phone as an LEO defeat device and therefore complicit.
Remember, the walled garden is there to trap you, not protect you.
so if you got that stuff into your device and they cant get it out who says they already don't already have a copy of what was sent to your phone anyway in that bunker just east of slc ut.?
That's certainly doable, and a good way of looking at it.
Also in these discussions we should keep in mind the difference between *with a proper warrant*, based on probable cause, vs random searches such as a the border. In my opinion, for someone whose *job* is to catch bad guys, mostly very bad bad guys, and get evidence of what happened, it's not unreasonable for them to say "I'd like some of the really smart technical people to think about how we investigate crime in 21st century without impacting security too much". There ARE things that can be done, such as your example. Given physical possession of a phone (via a warrant to seize it due to probable cause), it's technically / mathematically possible to allow them to see "this phone did not call this number", without any possibility of revealing which numbers it DID call.
Manufacturer has unique key per device.
Justice dept has key 2
Law enforcement has key 3 held by 3rd party Security company.
Judges order unlocks the use of all 3 Keys which must be handled by another 3rd party forensics company which must use a system that pulls the Keys securely so nobody can view them in transit to the device.
Complicated as hell, but without access to the unique key and the other 2 Keys nothing can be decrypted.
Could go further and generate unique Keys per device for all 3 parties it would be a logistical issue to be solved. This would make it more difficult to compromise.
Also any attempt to use the Keys should pop up a notification to ensure people are not getting spies on. Keeps them honest. Code open to review.
I like Occam's Razor, and it gives a better answer than the conspiracy theories.
I've done a bit of forensics, and I write a little. I can imagine how much information about a person you could get from the contents of their smartphone. For a criminal investigation, if I were in that position and I had a choice to search a persons home or their smartphone but not both, I would pick the smartphone.
The job of the FBI is to investigate crimes, and having access to a suspects smartphone would do a ton of good towards this purpose. That is why they request it. No conspiracy theory needed.
That said, I don't want them to. Even if it makes their job easier. I don't want them to because one day I could be a suspect, innocent but a suspect, and I don't want my privacy violated in such a way. Just the number of accounts on which I'd have to change my password afterwards would take me a day or two.
But can we please shelve the conspiracy theories how all of this is some part of some big plan?
Assorted stuff I do sometimes: Lemuria.org
FBI Director Christopher Wray again has called for a solution to what the bureau calls the "Going Dark" problem...
It's not a problem, but a direct response to governmental overreach. It's a solution.
I always find it astonighing how many people who work in government don't agree with the core principles the country was founded on. It really should be a prerequisite to obtaining a job in government.
Sorry Comrade,
But Encryption that keeps data safe IS the goal, and if you can't crack it, tough.
Privacy is a right. PERIOD.
Perhaps if you and your fellow evil losers in government stopped violating Americans rights constantly and betraying the public's trust at every opportunity you'd have some sympathy out there.
The FBI can use the backdoored devices for a year or so to make sure they're super safe... then we can all laugh and watch as their private data spills all over the internet.
When you say "we need to keep Americans safe", what I think is "Americans need to be kept safe from you."
Every "law" enforcement agency has proven that it has bad apples who will abuse any authority given to them.
The FBI can not be trusted with master keys.
You know how if you enter your unlock code wrong once, have to wait a few seconds, three times and you have to wait a minute, ten times and you have to wait an hour? Yeah. That's how you stop enumeration of large sets.
Let me be clear: the FBI supports information security measures, including strong encryption.
Sure you do.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
Somebody get that man a math textbook.
translates into all other dialects of the EN_xx group as
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"