Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Director: Without Compromise on Encryption, Legislation May Be the 'Remedy' (cyberscoop.com)

Posted by msmash on from the where-things-are-going dept.

An anonymous reader shares a report: FBI Director Christopher Wray said Wednesday that unless the U.S. government and private industry are able to come to a compromise on the issue of default encryption on consumer devices, legislation may be how the debate is ultimately decided. "I think there should be [room for compromise]," Wray said Wednesday night at a national security conference in Aspen, Colorado. "I don't want to characterize private conversations we're having with people in the industry. We're not there yet for sure. And if we can't get there, there may be other remedies, like legislation, that would have to come to bear." Wray described the issue of "Going Dark" because of encryption as a "significant" and "growing" problem for federal, state and local law enforcement as well as foreign law enforcement and intelligence agencies. He claims strong encryption on mobile phones keeps law enforcement from gaining access to key evidence as it relates to active criminal investigations. "People are less safe as a result of it," he said.

19 of 393 comments (clear)

  1. "People are less" by Loon911 · · Score: 5, Insightful

    More like the government institutions are less safe from the people.

    1. Re:"People are less" by saloomy · · Score: 5, Insightful

      This is stupid. Even if legislation came to bear, there is still open source, free and openly available encryption. The cat is out of the bag. Further more, there are phones moving across political boundaries. Are you going to mandate foreigners disable encryption when they enter the country?

    2. Re:"People are less" by Anonymous Coward · · Score: 5, Insightful

      People are less safe because we wear non-transparent clothes. We are less safe because are houses aren't made of glass.

    3. Re:"People are less" by Chas · · Score: 5, Insightful

      Sorry, but less safe than WHAT?

      Sure, some people might have their safety compromised by encryption stopping law enforcement.
      But how many people's safety is going to be endangered by mandating lack of encryption or that encryption violate MATH and back doors be put in "just for the good guys"? Because those back doors WILL be found and WILL be used! And not just by the "good guys". If there IS any such thing.

      There is NO such thing as perfect safety. And anyone selling you that is blowing smoke up your ass. With a leaf blower.

      Given the choice between freedom and safety, I'll take freedom. Thanks.

      --


      Chas - The one, the only.
      THANK GOD!!!
  2. So either way..... we don't have privacy. by Puls4r · · Score: 5, Insightful

    Either private companies give up our privacy by allowing the government access to our communications...... or laws will be passed FORCING them to give up our privacy.

    And we wonder why the United States Government won't pass a law protecting our personal data.

    1. Re:So either way..... we don't have privacy. by mrclmn · · Score: 5, Insightful

      Compromise is an interesting word choice. Indeed everything will be compromised.

    2. Re:So either way..... we don't have privacy. by AHuxley · · Score: 5, Insightful

      The phone and any devices in a dwelling will be used to collect it all.
      The level of encryption US brands had the staff to work on is not of good quality.
      So the FBI can get into it all as it always did.

      The legal side is the real question for the FBI.
      Collect it all and then never tell lawyers, press, other police, experts?
      That fully protects FBI crypto methods from human rights lawyers, political activist media, cults, faith groups, police who give information to criminals, gov/mil staff with a split loyalty to the USA.
      The down side is the risk then needed to create another way to start an investigation. To get a plea bargain, create an informant.

      The other way is to go full NSA and DEA. Let the USA know everyone is getting collected on domestically and with public/private partnerships.
      Two very different methods that have the US gov totally in all communications.
      One will see a person confronted with their cell phone use.
      Another method will see full parallel construction, the use of informants to hide the collect it all US crypto ability.

      A huge internal struggle in the FBI. To collect and collect on every hop of communications for years and always win.
      To get human rights lawyers looking over sensitive US domestic collection methods, collection results and ensuring such methods are talked about.

      Does the FBI want to be as skilled as the GCHQ was at keeping methods hidden for decades? Total winning but nobody will ever know.
      Have key evidence and active criminal investigation methods sold and given away by lawyers, cult members, criminals, police working with criminals?
      To have US ISP and big brand staff know how the FBI breaks crypto and sell such methods to criminals, other nations?
      To have police and city workers under watch by any criminal groups, cults able to buy the same crypto collection methods?
      Once junk US crypto is broken for police, everyone interesting can afford a key.

      --
      Domestic spying is now "Benign Information Gathering"
  3. Nope by Artem+S.+Tashkinov · · Score: 5, Insightful

    room for compromise

    Math doesn't have it. If there's a shared key to all our communications, it will sooner or later leak and it will render all encrypted data wide open. Also, I presume that for some reasons Christopher Wray doesn't keep a copy of the keys to his house at some government agency, no?

    People are less safe as a result of it,

    Governments and often unrelated companies are less privy to our private lives as a result of it. FTFY.

    1. Re:Nope by Anonymous Coward · · Score: 5, Funny

      FBI Dimwit Christopher Wray: "I'll have you know that I am admiral and my ship has the right of way!"

      Math: "I am a lighthouse..."

  4. SAY IT ALL WITH ME, NOW: by Rick+Schumann · · Score: 5, Insightful

    When encryption has backdoors, then NO ONE will have encryption at all

    You CANNOT have 'backdoors' in an encyption algorithm and still have effective encryption, goddamnit!

    Clearly the FBI and Congress doesn't give a rat's ass whether or not anyone has secure systems or not, so long as they can stick their little brown noses into everyones business. Who cares if every computer in the country is easily hacked by even script kiddies, everyones identity is stolen, and everyones bank accounts drained and credit cards charged up? The Feds will have 'unbreakable' encryption, as will all elected officials and of course The Rich, they'll all be exempt from it, while the rest of us are wide open to whoever wants to victimize us.

    Them, them, FUCK THEM.

    1. Re:SAY IT ALL WITH ME, NOW: by gweihir · · Score: 5, Insightful

      The thing is that people like this guy have no clue what a "fact" is. He thinks it all comes down to power and that, given enough power, a certain "reality" can be enforced. It is a typical mental defect found in basically any fanatics. A still very instructive example of that is when the catholic church tried to force the world to be flat. They had absolutely no understanding that the shape of the planet did not care about them one bit and that all their power had zero influence on reality.

      Still, people like that in position of power is a sign of a sick society. It is a severe problem.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Less safe.. great argument.... by SmaryJerry · · Score: 5, Insightful

    "People are less safe as a result of it." People are less safe by leaving their room every day. Some things are just expected to be "less safe" but we do them because we want to be more than prisoners.

  6. A very binary issue by Voyager529 · · Score: 5, Insightful

    They keep talking about "compromise" as if Tim Cook and Larry Page have everyone's encryption keys in a file on their laptops that they refuse to hand over for convicted mobsters. That sort of mindset just does not reflect the nature of the situation.

    Here is what it ultimately boils down to:

    1. The user - and only the user - has the encryption key.
    2. Companies are compelled to sell devices that cannot be secured at all, because a 'master key' lives somewhere.

    That's it. Those are the two options. There is no way for the phone to verify if there is a warrant, or if the person inputting the master key is truly a law enforcement agent or not, or any other way to ensure the individual using the master key is justified in doing so, or any means of discriminating between a hack and a court order.

    If Wray would like to come up with a third option that doesn't ultimately fall into the category of one of the other two, he's welcome to try. Smarter people have failed.

  7. It's not their job to prevent crime by J053 · · Score: 5, Informative

    It is not the job of the security services to prevent crime/terrorism/kiddie porn/copyright infringement/whatever. It is their job to investigate after the fact in order to convict those responsible. That's how our justice system works. The only justification for the ability to decrypt all encryption is for (attempted - in reality it will never work) prevention.

    After a crime has been committed, in order to obtain evidence, the authorities can always obtain a warrant to compel a device owner to decrypt/unlock a device. If the owner refuses, that's what contempt of court is for. If the device owner is dead, who gives a fuck what's on the phone? If the owner (presumed criminal) is willing to sit in jail indefinitely for refusing to unlock/decrypt, that is an acceptable outcome.

  8. Anti-American. Anti-Democratic. by gerald.edward.butler · · Score: 5, Interesting

    Please, I don't give a rat's ass about what evidence you can or can't gather from devices. It isn't pertinent to the discussion. People should be able to have private conversations that you don't get access to under ANY circumstances for whatever damn reason they please. Go F yourself. You anti-american, anti-democratic, nazi, communist, dick-weed. YOU are the enemy of the people. The "criminals" and "terrorists" are the least of our problems. You are and your ilk are to be feared and removed from office. You are the danger. You are not the solution. You are the problem.

  9. Re:Legislation can't stop open source by Anonymous Coward · · Score: 5, Insightful

    Problem with "give us the key or go to jail" is...what if you don't have the key?

    What's to stop someone sending me some encrypted communication with a public key that I don't have access to?

  10. Compromise my ass. by catsRus · · Score: 5, Insightful

    Anytime any political type of any stripe says they just want compromise, what they mean is they want capitulation.

  11. Encryption is ALWAYS available. by Futurepower(R) · · Score: 5, Insightful

    Good comments:

    "... there is still open source, free and openly available encryption."

    "... there are phones moving across political boundaries."

    Many people in government and in management of private companies have NO knowledge of technical issues. That doesn't prevent them from having what they consider to be a strong and sensible opinion. They don't recognize they are ignorant.

    ALSO: Back doors are not an answer. They will ALWAYS eventually be compromised.

  12. Flat Earthers Deserve Less Credit Than You Give by cervesaebraciator · · Score: 5, Informative
    I agree with the thrust of your post, but a detail compels me to offer a friendly correction.

    A still very instructive example of that is when the catholic church tried to force the world to be flat. They had absolutely no understanding that the shape of the planet [...]

    This is untrue. Scholars in the middle ages were mistaken about many aspects of cosmology, to be sure, but the whole flat Earth business is a myth in more ways than one. First, it's important to understand that there were no official dogmas on these matters. But setting that fact aside (which requires a discussion of how dogma, canons, and councils work), there's a more directly relevant fact. The major Christian teachers during the middle ages treated the world as spherical. Hell, even the guys who objected to Galileo in later years thought of the world as spherical.

    The reasons for this have to with the Aristotelian physics to which the objectors to Galileo were regrettably too committed. To oversimplify their position: earth (dirt, minerals, etc.) and water goes down; air and fire go up. If the former go down from all directions and the latter go up, you cannot but have a spherical planet with airy, firey (and quintessential!) things above it. Indeed, the objection to Galileo is based partly on this Aristotelian understanding of the elements (How can the Earth be moving in a circular fashion if the natural motion of its primary constituent--earth--is simply down?). To be sure, we have a better understanding of physics today than did the scholastic disciples of Aristotle, but I hope you can see that even in their view a flat Earth is incoherent.

    TL;DR: Neither the Church nor educated medieval folk in general bought into any flat Earth nonsense. This is merely a popular myth. Modern flat Earthers are even behind Aristotle (d. 322 B.C.) on this one. Now, whether the spherical Earth was thought of as moving or fixed in the center of the universe is another story altogether...

    P.s. I only offer this lengthy correction because sometimes I fear we give modern flat Earthers the appearance of having even more credit than they deserve. Conspiratorial minds can dismiss claims of what we can discover with government funded rockets and satellites. "No one believed this round earth stuff until the government forced it on us all and fabricated the evidence!" My response is something along the lines of, "Come on. Medieval people knew the Earth was round. Eratosthenes had a pretty good estimation of its size, given the limited tools he was working with. Come join the third century B.C., will you? Grab a pocket calculator and look down a well."