Slashdot Mirror
Former FBI Director James Comey Reveals How Apple and Google's Encryption Efforts Drove Him 'Crazy' (fastcompany.com)
An anonymous reader shares a report: In his explosive new book, A Higher Loyalty, fired FBI director James Comey denounces President Trump as "untethered to the truth" and likens him to a "mob boss," but he also touches on other topics during his decades-long career in law enforcement -- including his strong objection to the tech industry's encryption efforts. When Apple and Google announced in 2014 that they would be moving their mobile devices to default encryption, by emphasizing that making them immune to judicial orders was good for society, "it drove me crazy," he writes. He goes on to lament the lack of "true listening" between tech and law enforcement, saying that "the leaders of the tech companies don't see the darkness the FBI sees," such as terrorism and organized crime.
He writes, "I found it appalling that the tech types couldn't see this. I would frequently joke with the FBI 'Going Dark' team assigned to seek solutions, 'Of course the Silicon Valley types don't see the darkness -- they live where it's sunny all the time and everybody is rich and smart." But Comey understood it was an unbelievably difficult issue and that public safety had to be balanced with privacy concerns.
He writes, "I found it appalling that the tech types couldn't see this. I would frequently joke with the FBI 'Going Dark' team assigned to seek solutions, 'Of course the Silicon Valley types don't see the darkness -- they live where it's sunny all the time and everybody is rich and smart." But Comey understood it was an unbelievably difficult issue and that public safety had to be balanced with privacy concerns.
it would be nice to see how "crazy" he would feel if his own phone was hacked, his personal bank accounts stolen, his medical history made public, his emails analyzed in a foreign county just because a backdoor was mandatory for mobile devices.
He is crazy. Look at this statement:
public safety had to be balanced with privacy concerns
These are the SAME THING. If you weaken encryption people become less safe from those who want to invade their privacy and steal their data.They become more vulnerable to criminals and oppressive governments.
He seems to live in a fantasy world where there are good guys and bad guys and magical thinking actually works.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
He goes on to lament the lack of "true listening" between tech and law enforcement, saying that "the leaders of the tech companies don't see the darkness the FBI sees," such as terrorism and organized crime.
You colossally ignorant savage, you see tiny issues like terrorism and organized crime and don't see the darkness George Orwell, the Founding Fathers, and many others saw -- a boot stepping on a human face, forever.
Billions continue to live in despotism as their leaders use the tech you want for "crime" to catch and punish any challengers to their power.
Both Russia and China have leaders currently consolidating power for the long term, at least partly because of the lack of crypto government can't get into.
Thou impious fool.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Except for it transforms millions of targets into a single target, protected by someone else's incompetence.
Until the Chinese and Russian governments demand keys to ALL Apple devices, because devices sold outside their countries MIGHT be imported and used in China or Russia.
Or the US government demands to hold keys to devices sold worldwide for the same reason. People living outside the US shouldn't be subject to the US's whims and caprices either.
"the leaders of the tech companies don't see the darkness the FBI sees"
They see a different, more dangerous kind of darkness: one brought about by the FBI and law enforcement and the rest of the government itself. The 4th amendment and the broader right to privacy itself is supremely important to avoiding a tyrannical government.
This is more important than any benefit against terrorism and organized crime.
This book hasn't been released yet. The link provides a short quote and opinions about the context without sufficient information to be useful for anything but marketing hype. The link is an advertorial designed to generate hype.
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
He [James Comey] goes on to lament the lack of "true listening" between tech and law enforcement, saying that "the leaders of the tech companies don't see the darkness the FBI sees,"
Similarly, the FBI appears to be not listening to the tech companies and not seeing the darkness they see. Things such state secrets repeatedly escaping (Snoden, Reality Winner, TSA keys), a perception that when a secret is shared with somebody else, it no longer is a secret and a belief that if one person can "break" encryption, so can somebody else.
>And the key storage would be as secure as the primary key storage you're currently using, so there is no additional vulnerability there either.
Of course there is. Primary key storage is done by *you* - the only way anyone can get access to your device is to target you specifically, and manage to determine your personal key.
Secondary "back door" key storage is done by the government, and used regularly by them if it offers any actual value - and thus there are likely hundreds, if not thousands of individuals with legitimate access to that key. And the moment any *one* of them is subverted - be it by bribe, blackmail, the temptation of the enormous black-market value of that key, or just plain old incompetence, *everyone* loses any real security on their phone. People are after all almost always the weakest link in any halfway decent security system.
Not to mention, one of the prime "bad actors" encryption protects against are the "legitimate" authorities, who have a long rack record of abusing their power - encrypting phones became popular in large part in response to the revelations of illegal government surveillance programs.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Police hold a lot of power. The definition of the boundaries on that power should not be definable by them.
Police (ethical ones) really only care about what they can do within the law to solve crimes. It’s not their job to think about the big questions, and I’m not going to fault them for that (although the top cops should probably try to step outside their box).
But it’s also why I don’t put a lot of weight into their opinions on things like this, or the rights of the accused, or the inviolability of personal property. And it’s one of the many reasons the people who *did* spend time thinking about the big questions gave us a Bill of Rights.
#DeleteChrome
The Boston Marathon bomber and the father of the nighclub shooter in Orlando were paid FBI informants. Even the Garland, TX terrorists were in communication with the FBI before their attack, and a security guard is suing the FBI for not stopping it. It will be interesting what comes out during discovery.
Last I checked, the IV amendment doesn't say:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated" EXCEPT WHEN IT ANNOYS THE FBI DIRECTOR.
Saying Hillary was under investigation 11 days before an election was hardly helping her. Democrats are all oh so mad about that. He was just point out a possible upside.
He seems motivated by a personal code of morality that is intentionally oblivious to political reality.
I think it's more that he axiomaticly believes that the Good Guys could never become the Bad Guys. He can't even conceive the possibility.
He cannot see what us right in front of his face, that his former bosses are not Good Guys.
The tech guys get it, that as bad as the Bad Guys may be, it is even worse for everyone when the Good Guys become bad actors and/or act in bad faith.
I as a naive peon simply see the FBI as being lazy. they have more than enough tools, techniques etc to do what us peons need them to do, which is to not be Big Brother.
"the leaders of the tech companies don't see the darkness the FBI sees"...
Gee Comey, ever consider the fact that tech companies don't see this because the government chose to keep that CLASSIFIED?!?
Not to mention pointing out the fact that the tech companies kind of woke the hell up with regards to default encryption when Edward Snowden revealed in 2013 what the US Government does when encryption is NOT the default standard. How ironic our OWN Intel community caused this shift in default behavior...
I kind of understand his point, to be honest.
The old system of the police getting a warrant from a judge in order to wiretap a reasonably suspicious person's telephone, in order to make sure that he's actually a bad guy made sense. There was control and oversight, a reasonable expectation of privacy for the rest of us, and the police could use this tool to catch some bad guys (always with judge oversight).
Nowadays everyone only has to follow some short tutorials to get secure communication channels that world powers would have salivated over just a couple of decades back. This has obviously changed everything.
But that Pandora's Box has been opened, and can't be closed again, at all. Even if Google and Apple would play ball, there will always be open source tools that guarantee secure encrypted channels.
I would actually like the police to have the same capabilities as they had before - but I know that including backdoors, prohibiting encryption and other shenanigans simply wont work. And I have no idea what the law enforcement system could do to face this challenge.
After all the political policing used by the FBI against MLK, war protesters, and countless other dissidents, it's both hilarious and said to watch the modern American left fall down and worship at the feet of high-ranking officers in the American Gestapo like James Comey, Rod Rosenstein and Robert Mueller. At least be consistent.
Another point is I don't trust the government to keep my escrowed key safe. Leaks happen, hacks happen. The more places my secrets are stored, the more danger there is of them being stolen. And when it happens, I won't know, and even if I find out I have no recourse other than throwing away my device and going back to a normal PC where I can install proper, non key escrow encryption software.
Oh, this chestnut again. Let's review what actually happened...
Apple ignored a Federal warrant requiring them to assist in accessing a phone used by a dead terrorist.
No, they didn't. They provided law enforcement with the data they had - iCloud data, keychain contents...whatever data they actually-had, they handed over. What the government wanted was for Apple to write a firmware update that would enable the FBI to brute force the passcode requirement and push it to the phone. The reason there was all kinds of fanfare was because the FBI was trying to compel Apple to write software that didn't exist, for the sake of reducing security that everybody, everywhere, ever, knew was not going to be used in just this one singular case.
They claimed it would cost them to much money and tie up too many resources.
Well, yes. Writing software takes time and money, from intelligent humans. Apple doesn't have a central database of passcodes camping out on a Macbook in Tim Cook's office in Cupertino that they were simply refusing to query.
They claimed their security was so good that even they might not be able to retrieve any data from the phone.
Well, if Apple wrote firmware that worked well enough on their test unit, but ended up failing on the phone of interest for whatever reason, would the FBI have been okay with that? Or would Apple have been liable for obstruction of justice? Only a fool would give any form of guarantee.
They used the entire episode to showcase their commitment to a users privacy.
The way this is written, it sounds like it's intended to be derogatory...but I really don't see a downside to such a commitment.
In other words they used their actions to sell more devices.
You have a dizzying intellect. People want phones that are secure. The FBI indicates they are having trouble unlocking the phone. The FBI brings the issue to the court of public opinion. Apple affirms that their devices are so secure, the FBI has to compel them to write software that doesn't exist in order to maybe-kinda-sorta get access to it. People trust Apple more, and buy more phones as a result due to their security. Welcome to how capitalism is supposed to work.
And a couple of days later they ended up getting a big kick in the nuts as a third party proved Apples vaunted security technology was complete bullshit.
Well, that's quite a leap there. Third parties have *always* managed to find a vulnerability in iOS. Take a look at the history of jailbreaking; time and time again iOS has fallen given enough poking and prodding. If an Israeli company managed to successfully exploit a vulnerability as a last ditch effort, that's far different than Apple using their software developers and their signing keys to write software they did not want to write, at the behest of their own government officials, who would have ended up using the incident to cement into case law the ability of the FBI to require work to be done by private companies in order to meet their own ends.
Now, if you want to take it one step further...how come the last thing we heard from the case was that the Israeli company unlocked the phone? If there was any useful data at all on that phone, you KNOW the FBI would have been shouting from the rooftops how they arrested a dozen more terrorists because of what was on the phone, and how Apple got in the way. Instead, we heard nothing thereafter. If Apple was full of it with respect to their security argument, then the FBI was ten times worse and they never owned up to being wrong.
But hey, everyone has Graykey now, so you win.
He does a pretty good job dressing as a human to disguise his real identity - a snake.
Comey's loyalty is to the state and himself. He doesn't know God. He has nothing but disdain for ordinary citizens. He hates Trump with a passion few have. He's a big man wrapped up in himself. I pray for his soul.
Yep, he's a snake.
Do iOS assholes not see the same shit we see coming out of them? When will this shit end? FFS. Fuck you Apple.
But we are also capable of something you apparently cannot do: See beyond our own needs. Which is scary considering that your job is to put yourself into the boots of criminals so you understand how they think which allows you to catch them more easily.
We know that catching terrorists is harder when there is encryption. But flawed encryption means that terrorists will use perfect encryption while your industry, having to obey the law, has to use faulty one which can easily be cracked, not only by you but also by, say, North Korea. Which is certainly interesting in case of, say, a company developing new and more efficient means of enriching nuclear material.
Apparently you can't think this far. It's not that hard, really. In other words, I rarely agree with Trump, but firing you was one of his more sensible moves. We don't need ignorant people who are unfit for their job in critical positions.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
A lot of people have done a lot of anguished soul-searching since "their side" lost the 2016 election. They can't possibly accept that "their side" ran a horrible campaign and thumbed their noses at a huge silent majority. No, it's all political trickery by people pulling strings. The only kind of politics they have ever understood.
public safety had to be balanced with privacy concerns
In some ways he's right about this: there are situations where you really do need to balance one against the other. And that's the whole problem. The FBI, NSA, etc. decided it was up to them where to strike the balance, which of course meant giving themselves as much power as possible. And since they knew a lot of rabble rousing citizens wouldn't agree with their decisions, they went to huge lengths to hide what they were doing (and are still doing). If you keep your actions secret, you don't have to worry about anyone criticizing you.
By doing that, they betrayed democracy. If a balance has to be struck between safety and privacy, it's up to the people to decide where to strike it. Not the police. Not the government. And the people can only make that decision through a fully informed public debate. The FBI and NSA didn't want a public debate, so they just did what they wanted and slapped "top secret" on everything to keep the people from finding out. By doing that, they made themselves into the bad guys. And they will remain the bad guys until they come clean about everything they have done, and accept that it's up to the people, not up to themselves, to decide where to strike the balance.
"I'm too busy to research this and form an educated opinion, but I do have time to tell everyone my uninformed opinion."
Yes, and he has personally stated why. He didn't do it to hurt Clinton, he did it because he assumed she was going to win and thought it would help her to deal with this before her coronation.
I'd say that's the least-gracious way to read that. My take is that he didn't think it would be a game-changer for the outcome, and that if the news came out after the election that the'd re-opened the investigation it would undermine the legitimacy of the election (IE, the deep state covering up for Hillary). Moreover, at the time the word on the street was that that folks inside the FBI were going to leak it if Comey didn't speak up, so his hand was forced either way.
Millions long for immortality who do not know what to do with themselves on a rainy Sunday afternoon. -- Susan Ertz