SoylentNews is people
SoylentNews
Submitted via IRC for Runaway1956
The FBI's director says the agency is collecting data that he will present next year in hopes of sparking a national conversation about law enforcement's increasing inability to access encrypted electronic devices.
Speaking on Friday at the American Bar Association conference in San Francisco, James Comey says the agency was unable to access 650 of 5,000 electronic devices investigators attempted to search over the last 10 months.
Comey says encryption technology makes it impossible in a growing number of cases to search electronic devices. He says it's up to U.S. citizens to decide whether to modify the technology.
Source: http://www.nbcnews.com/news/us-news/fbi-chief-calls-national-talk-over-encryption-vs-safety-n624101
(Score: 4, Informative) by davester666 on Sunday August 07 2016, @07:25AM
And we already had a "conversation". We're fine with you not being able to read every single fucking message/email/whatever on every single fucking phone.
(Score: 3, Insightful) by TheRaven on Sunday August 07 2016, @10:38AM
More to the point, the adage that if you outlaw encryption then only outlaws will have encryption couldn't be more true. Applied Cryptography demonstrated a simple way of getting around the previous attempts by the USA to restrict access to strong crypto: the example code in the books had symbolic constants for key length that were defined to the 'weak' variants for which export was permitted. To turn them into the strong variants, you modified the key length constant. Anyone who wanted strong encryption illegally had it trivially. Unfortunately, the legacy of forcing standards like SSL to incorporate weak cyphers to allow export has led to a huge cost to the world economy (including the USA) in compromises due to attacks that trigger downgrading to one of the weaker algorithms.
The debate hinges on a false premise: that it's possible to control access to effective crypto. Unless you're going to be decrypting everything and analysing it to see if it looks like plausible plaintext, then it's very difficult to even identify which people on a network are using strong crypto vs weak crypto (vs transferring unencrypted data that doesn't fit your model). It's trivial to use one-time pads and linguistic steganography to embed secret messages that are almost impossible for an attacker to track, let alone decrypt, in troll messages. The basic idea of linguistic steganography is that you take a piece of text known to both parties (for example, the famous 'BSD is dying' post) and permute it subtly, introducing typos, displacing punctuation, substituting homonyms, and so on to encode a low bitrate message. If someone does this, it's very hard to tell the difference between messages that made these changes to encode information and messages that made these changes to get around spam filters. If you post the result, which includes a message that's encrypted with a one-time pad on the green site (or similar), then someone doing traffic analysis just knows that you posted some spam and that a few million people loaded a page that contains the spam. They don't know what the message says (unless they've copied the code book using some more traditional means) and they don't know who received it. Making Internet banking less secure won't help.
sudo mod me up