Stories
Slash Boxes
Comments

SoylentNews is people

UK Prime Minister Theresa May Attacks Encrypted Messaging, Seeks Safe and Ethical AI

posted by mrpg on Friday January 26 2018, @07:00AM   Printer-friendly
from the oh-my-god-give-it-a-rest-already!!! dept.

takyon writes:

Prime Minister Theresa May has not abandoned her usual crusades:

On a break from Brexit, British Prime Minister Theresa May takes her crusade against technology giants to Davos.

"No-one wants to be known as 'the terrorists' platform' or the first choice app for pedophiles," May is expected to say according to excerpts released by her office ahead of her speech Thursday at the World Economic Forum in Davos. "Technology companies still need to go further in stepping up their responsibilities for dealing with harmful and illegal online activity."

Don't forget the slave traders.

Luckily, May has a solution... Big AI:

After two years of repeatedly bashing social media companies, May will say that successfully harnessing the capabilities of AI -- and responding to public concerns about AI's impact on future generations -- is "one of the greatest tests of leadership for our time."

May will unveil a new government-funded Center for Data Ethics and Innovation that will provide companies and policymakers guidance on the ethical use of artificial intelligence.

Also at BBC, TechCrunch, and The Inquirer.

Related: UK Prime Minister Repeats Calls to Limit Encryption, End Internet "Safe Spaces"
WhatsApp Refused to add a Backdoor for the UK Government

Original Submission

 
This discussion has been archived. No new comments can be posted.
UK Prime Minister Theresa May Attacks Encrypted Messaging, Seeks Safe and Ethical AI | Log In/Create an Account | Top | 49 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by bradley13 on Friday January 26 2018, @07:34AM (3 children)

    by bradley13 (3053) on Friday January 26 2018, @07:34AM (#628141) Homepage Journal

    Here's the Gizmodo link: Letter from Senator to FBI, demanding names of cryptography experts [gizmodo.com]

    --
    Everyone is somebody else's weirdo.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2, Informative) by pTamok on Friday January 26 2018, @11:30AM (2 children)

    by pTamok (3042) on Friday January 26 2018, @11:30AM (#628216)

    And here's a link to the source:

    https://www.wyden.senate.gov/download/?id=B31DD6FF-98E8-490C-B491-7DE6C7559C71&download=1 [senate.gov]

    Note that I can make no guarantees that the text of the electronic copy you download will be the same as mine. Web.archive.org does not have access, so in the absence of digital signatures, you have to trust that the copy you get is the same as the one sent by Sen. Wyden to Christopher A. Wray, Director, FBI.

    I think the key point is asking specifically to confirm that experts have been consulted and advised that it is possible to "design government access features into [...] products without weakening cybersecurity". Maybe such questions should become a mantra for reporters and journalists who hear requests for 'government back-doors'.

    Perhaps one or several of the government agencies entrusted with knowing about these things have found a novel and subtle approach that does do what people currently believe to be impossible. If so, it would be nice if they told us about it, and not leave non-secret research to find it independently (like the S-box setting of DES [archive.org]).

    There is a way in which the intelligence agencies have got their back-door: by having knowledge of inadvertent vulnerabilities before they become well-known; and, possibly, by adding vulnerabilities (Dual EC DRBG [wikipedia.org]). The U.S. Military take a great deal of trouble to assure the supply-chain of certain of their electronics, having secure fabs etc. If you subvert the supply chain of non-military electronic components, you can ensure that pretty-much undetectable back-doors can be included from the hardware upwards [phys.org]. Some expert commentators speculate that AES was chosen as an encryption method because of its susceptibility to side-channel attacks [wikipedia.org] when not carefully implemented in hardware - in other words, cryptographically, it is fine, but it is difficult to implement properly, so that in practical use, unless someone has worked very hard on the implementation, there will be ways of extracting keys by observing the AES hardware in action. Similarly, subverting hardware random-number generators built in to processors is difficult to prove, but can give you access to the required data - some examples [wikipedia.org].

    Poor implementation of cryptography by non-expert programmers and users also subverts keys in useful ways, such as the duplication/re-use of RSA factors used in implementations across the Internet [iacr.org].

    The above vulnerabilities mean that a material portion of data that its owners thought was protected by strong encryption actually wasn't, and could easily be decoded by third parties. It is reasonable to assume that government agencies will continue to take advantage of flaws that they find that are not publicly known, and may indeed subtly encourage such flaws to appear.

    • (Score: 1) by pTamok on Friday January 26 2018, @11:46AM

      by pTamok (3042) on Friday January 26 2018, @11:46AM (#628220)

      For those interested in RSA factor re-use, there's neat web-page that goes into it here: Understanding Common Factor Attacks: An RSA-Cracking Puzzle [loyalty.org]

    • (Score: 0) by Anonymous Coward on Friday January 26 2018, @10:46PM

      by Anonymous Coward on Friday January 26 2018, @10:46PM (#628601)

      Mod this guy +40 informative, ASAP!

      *AC high five*