Former FBI Director James Comey Reveals How Apple and Google's Encryption Efforts Drove Him 'Crazy'

An anonymous reader shares a report: In his explosive new book, A Higher Loyalty, fired FBI director James Comey denounces President Trump as "untethered to the truth" and likens him to a "mob boss," but he also touches on other topics during his decades-long career in law enforcement -- including his strong objection to the tech industry's encryption efforts. When Apple and Google announced in 2014 that they would be moving their mobile devices to default encryption, by emphasizing that making them immune to judicial orders was good for society, "it drove me crazy," he writes. He goes on to lament the lack of "true listening" between tech and law enforcement, saying that "the leaders of the tech companies don't see the darkness the FBI sees," such as terrorism and organized crime.

He writes, "I found it appalling that the tech types couldn't see this. I would frequently joke with the FBI 'Going Dark' team assigned to seek solutions, 'Of course the Silicon Valley types don't see the darkness -- they live where it's sunny all the time and everybody is rich and smart." But Comey understood it was an unbelievably difficult issue and that public safety had to be balanced with privacy concerns.

Good

[OffTheLip]

I hope it continues to drive him and others of his ilk crazy.

Re:Good

[AmiMoJo]

He is crazy. Look at this statement:

public safety had to be balanced with privacy concerns

These are the SAME THING. If you weaken encryption people become less safe from those who want to invade their privacy and steal their data.They become more vulnerable to criminals and oppressive governments.

He seems to live in a fantasy world where there are good guys and bad guys and magical thinking actually works.

Re: Good

Except for it transforms millions of targets into a single target, protected by someone else's incompetence.

Re:Good

[b0s0z0ku]

Until the Chinese and Russian governments demand keys to ALL Apple devices, because devices sold outside their countries MIGHT be imported and used in China or Russia.

Or the US government demands to hold keys to devices sold worldwide for the same reason. People living outside the US shouldn't be subject to the US's whims and caprices either.

Re:Good

[Immerman]

>And the key storage would be as secure as the primary key storage you're currently using, so there is no additional vulnerability there either.

Of course there is. Primary key storage is done by *you* - the only way anyone can get access to your device is to target you specifically, and manage to determine your personal key.

Secondary "back door" key storage is done by the government, and used regularly by them if it offers any actual value - and thus there are likely hundreds, if not thousands of individuals with legitimate access to that key. And the moment any *one* of them is subverted - be it by bribe, blackmail, the temptation of the enormous black-market value of that key, or just plain old incompetence, *everyone* loses any real security on their phone. People are after all almost always the weakest link in any halfway decent security system.

Not to mention, one of the prime "bad actors" encryption protects against are the "legitimate" authorities, who have a long rack record of abusing their power - encrypting phones became popular in large part in response to the revelations of illegal government surveillance programs.

Re: Good

[joemck]

Another point is I don't trust the government to keep my escrowed key safe. Leaks happen, hacks happen. The more places my secrets are stored, the more danger there is of them being stolen. And when it happens, I won't know, and even if I find out I have no recourse other than throwing away my device and going back to a normal PC where I can install proper, non key escrow encryption software.

Re:Good

[Voyager529]

Oh, this chestnut again. Let's review what actually happened...

Apple ignored a Federal warrant requiring them to assist in accessing a phone used by a dead terrorist.

No, they didn't. They provided law enforcement with the data they had - iCloud data, keychain contents...whatever data they actually-had, they handed over. What the government wanted was for Apple to write a firmware update that would enable the FBI to brute force the passcode requirement and push it to the phone. The reason there was all kinds of fanfare was because the FBI was trying to compel Apple to write software that didn't exist, for the sake of reducing security that everybody, everywhere, ever, knew was not going to be used in just this one singular case.

They claimed it would cost them to much money and tie up too many resources.

Well, yes. Writing software takes time and money, from intelligent humans. Apple doesn't have a central database of passcodes camping out on a Macbook in Tim Cook's office in Cupertino that they were simply refusing to query.

They claimed their security was so good that even they might not be able to retrieve any data from the phone.

Well, if Apple wrote firmware that worked well enough on their test unit, but ended up failing on the phone of interest for whatever reason, would the FBI have been okay with that? Or would Apple have been liable for obstruction of justice? Only a fool would give any form of guarantee.

They used the entire episode to showcase their commitment to a users privacy.

The way this is written, it sounds like it's intended to be derogatory...but I really don't see a downside to such a commitment.

In other words they used their actions to sell more devices.

You have a dizzying intellect. People want phones that are secure. The FBI indicates they are having trouble unlocking the phone. The FBI brings the issue to the court of public opinion. Apple affirms that their devices are so secure, the FBI has to compel them to write software that doesn't exist in order to maybe-kinda-sorta get access to it. People trust Apple more, and buy more phones as a result due to their security. Welcome to how capitalism is supposed to work.

And a couple of days later they ended up getting a big kick in the nuts as a third party proved Apples vaunted security technology was complete bullshit.

Well, that's quite a leap there. Third parties have *always* managed to find a vulnerability in iOS. Take a look at the history of jailbreaking; time and time again iOS has fallen given enough poking and prodding. If an Israeli company managed to successfully exploit a vulnerability as a last ditch effort, that's far different than Apple using their software developers and their signing keys to write software they did not want to write, at the behest of their own government officials, who would have ended up using the incident to cement into case law the ability of the FBI to require work to be done by private companies in order to meet their own ends.

Now, if you want to take it one step further...how come the last thing we heard from the case was that the Israeli company unlocked the phone? If there was any useful data at all on that phone, you KNOW the FBI would have been shouting from the rooftops how they arrested a dozen more terrorists because of what was on the phone, and how Apple got in the way. Instead, we heard nothing thereafter. If Apple was full of it with respect to their security argument, then the FBI was ten times worse and they never owned up to being wrong.

But hey, everyone has Graykey now, so you win.

Re:Good

[SoftwareArtist]

public safety had to be balanced with privacy concerns

In some ways he's right about this: there are situations where you really do need to balance one against the other. And that's the whole problem. The FBI, NSA, etc. decided it was up to them where to strike the balance, which of course meant giving themselves as much power as possible. And since they knew a lot of rabble rousing citizens wouldn't agree with their decisions, they went to huge lengths to hide what they were doing (and are still doing). If you keep your actions secret, you don't have to worry about anyone criticizing you.

By doing that, they betrayed democracy. If a balance has to be struck between safety and privacy, it's up to the people to decide where to strike it. Not the police. Not the government. And the people can only make that decision through a fully informed public debate. The FBI and NSA didn't want a public debate, so they just did what they wanted and slapped "top secret" on everything to keep the people from finding out. By doing that, they made themselves into the bad guys. And they will remain the bad guys until they come clean about everything they have done, and accept that it's up to the people, not up to themselves, to decide where to strike the balance.

nuts

[e**(i+pi)-1]

it would be nice to see how "crazy" he would feel if his own phone was hacked, his personal bank accounts stolen, his medical history made public, his emails analyzed in a foreign county just because a backdoor was mandatory for mobile devices.

Google it

[Impy+the+Impiuos+Imp]

He goes on to lament the lack of "true listening" between tech and law enforcement, saying that "the leaders of the tech companies don't see the darkness the FBI sees," such as terrorism and organized crime.

You colossally ignorant savage, you see tiny issues like terrorism and organized crime and don't see the darkness George Orwell, the Founding Fathers, and many others saw -- a boot stepping on a human face, forever.

Billions continue to live in despotism as their leaders use the tech you want for "crime" to catch and punish any challengers to their power.

Both Russia and China have leaders currently consolidating power for the long term, at least partly because of the lack of crypto government can't get into.

Thou impious fool.

He's right

[Tyrannosaur]

"the leaders of the tech companies don't see the darkness the FBI sees"

They see a different, more dangerous kind of darkness: one brought about by the FBI and law enforcement and the rest of the government itself. The 4th amendment and the broader right to privacy itself is supremely important to avoiding a tyrannical government.

This is more important than any benefit against terrorism and organized crime.

Comey...

[ooloorie]

So what we know about Comey is:

(1) He was politically motivated in Hillary's E-mail case, trying to help her gain legitimacy after election.

(2) He was politically motivated to hurt Trump.

(3) He likes to spy on American citizens.

"A Higher Loyalty" indeed. The FBI started out being run by megalomaniac, corrupt authoritarians, and little has apparently changed.

Re:Comey...

Saying Hillary was under investigation 11 days before an election was hardly helping her. Democrats are all oh so mad about that. He was just point out a possible upside.

He seems motivated by a personal code of morality that is intentionally oblivious to political reality.

Re:Comey should be grateful to Trump

[quantaman]

Odd how quickly you trust news stories that come from other biases only and from even less credible sources when you want them to be true.

How often do you put your own beliefs on news through the same process?

I subject my beliefs and sources of information to constant scrutiny.

But I'm under no obligation to treat the far-right propagandist cargo cults masquerading as news organizations with anything other than scorn.

Again with this one, I did my obligatory research, and in place of a fire I found clowns throwing smoke bombs.

James Comey is/was basically a cop

[93+Escort+Wagon]

Police hold a lot of power. The definition of the boundaries on that power should not be definable by them.

Police (ethical ones) really only care about what they can do within the law to solve crimes. It’s not their job to think about the big questions, and I’m not going to fault them for that (although the top cops should probably try to step outside their box).

But it’s also why I don’t put a lot of weight into their opinions on things like this, or the rights of the accused, or the inviolability of personal property. And it’s one of the many reasons the people who *did* spend time thinking about the big questions gave us a Bill of Rights.

Re:Irony: liberals loving America's secret police

[dev-in-seattle]

We liberals don't worship Comey, etc. We just see that they are trying to do the right thing in a very difficult circumstance. The easy thing is just go away. The hard thing is to stand up for what's right. In this case, the right thing is to speak honestly about Trump and the horrible behavior of the republican party, the part that is trying to justify trump as normal behavior and totally legal and fine.

Re:Forrest Gump of the FBI

[stealth_finger]

Remember when Trump tweeted about how bombing syria was a really bad idea when Obama did it, now it's mission accomplished apparently. He is a very stable genius after all.