FBI Reports on Encryption

Loki writes "A few goverment reports on encryption. Mostly talking about the fears of letting the public have high grade encryption, and how that is a hindrance for law enforcment. " Somewhat older documents, and in .pdf format, but I guess that this is the FBIs justification. I'm so glad its all being challanged.

Freeh's Lame Arguments

[Steve+B]

When reading " The Impact of Encryption on Public Safety", I noticed that Freeh cited several examples in which the bad guys were caught and convicted anyway. If anything, these cases are evidence against his position: they prove that the police simply do not need these additional powers.

He then proceeds to silly analogies, such as "Would we allow a car to be driven with features which would evade and outrun police cars?" Well... yes, we would, unless high performance sports cars were banned while I wasn't looking.

Freeh concludes with a complaint that strong encryption will "drastically change the balance of the Fourth Amendment". Well, perhaps so, but he is conveniently silent about technologies which have already tipped the balance in the other direction. The net effect of Freeh's position is to create a one-way ratchet -- technologies which degrade privacy (e.g. drug testing, look-through-walls IR, etc) are deployed as widely as possible, while technologies which enhance privacy (e.g. strong encryption) are restricted as tightly as possible.

That said, there might be a case for mandatory key access if there were simply no other way for the police to surveil people who fall under legitimate suspicion. Fortunately, this is not the case -- just off the top of my head, I can think of three alternatives (planting a bug in the target's hardware, remote viewing of the target's monitor via Van Eck emissions, Trojan Horsing the target's crypto software).

The fact that these alternatives are more work than sitting in one's office and pulling up the target's key is, frankly, not my problem. The fact that these alternatives do not scale nearly as well as the government's desired mandatory-key-access regime (and are thus unsuitable for mass surveillance), is, IMO, a feature. The fact that the government seems to regard it as a bug raises a big red warning flag.
/.