Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday February 18 2018, @04:13AM   Printer-friendly
from the US-is-screwed dept.

The EFF addresses some shortcomings in the recent report to policy makers by the National Academies of Sciences (NAS) on encryption.

The National Academy of Sciences (NAS) released a much-anticipated report yesterday that attempts to influence the encryption debate by proposing a "framework for decisionmakers." At best, the report is unhelpful. At worst, its framing makes the task of defending encryption harder.

The report collapses the question of whether the government should mandate "exceptional access" to the contents of encrypted communications with how the government could accomplish this mandate. We wish the report gave as much weight to the benefits of encryption and risks that exceptional access poses to everyone's civil liberties as it does to the needs—real and professed—of law enforcement and the intelligence community.

The report via the link in the quote above is available free of charge but holds several hoops to hop through between you and the final PDF. The EFF recognizes that the NAS report was undertaken in good faith, but identifies two main points of contention with the final product. Specifically, the framing is problematic and the discussion of the possible risks to civil liberties is quite brief.

Source : New National Academy of Sciences Report on Encryption Asks the Wrong Questions


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Funny) by janrinok on Sunday February 18 2018, @09:21AM (10 children)

    by janrinok (52) Subscriber Badge on Sunday February 18 2018, @09:21AM (#639664) Journal
    So if everybody sends a text containing random data once a day to a random phone number, will everyone be committing an offence? Must a text contain English? You've paid for the right to send texts via your phone. And NSA will have so much data to look at that they will have no chance of sorting it out. Plus, you have no backdoor to give them, so you could not be found guilty of not giving them a backdoor that doesn't exist.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Funny=1, Total=2
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 1) by redneckmother on Sunday February 18 2018, @01:52PM (2 children)

    by redneckmother (3597) on Sunday February 18 2018, @01:52PM (#639690)

    I like this idea.

    Are there any "blind drop" sites on the 'net? I have a hardware RNG, and would love to raise the background noise for the TLAs.

    --
    Mas cerveza por favor.
    • (Score: 2) by janrinok on Sunday February 18 2018, @11:20PM (1 child)

      by janrinok (52) Subscriber Badge on Sunday February 18 2018, @11:20PM (#639848) Journal
      A blind drop site would make it too easy for the NSA. They would simply ignore any traffic going to that site.
      • (Score: 2) by Bot on Tuesday February 20 2018, @04:25PM

        by Bot (3902) on Tuesday February 20 2018, @04:25PM (#640707) Journal

        until somebody uses it...

        --
        Account abandoned.
  • (Score: 2) by canopic jug on Sunday February 18 2018, @02:16PM (2 children)

    by canopic jug (3949) Subscriber Badge on Sunday February 18 2018, @02:16PM (#639700) Journal

    They'd just throw your ass in jail until you cough up the key. However, since there is no key, you'd just stay there indefinitely.

    In a much dodgier case [arstechnica.com], that has already happened.

    It's a clever idea otherwise and could be tried. I suspect though that if there were enough suspicion to warrant closer attention and a larger budget, they'd just work toward an end-point compromise and eventually figure out that it was just noise.

    --
    Money is not free speech. Elections should not be auctions.
    • (Score: 2, Insightful) by redneckmother on Sunday February 18 2018, @02:39PM (1 child)

      by redneckmother (3597) on Sunday February 18 2018, @02:39PM (#639708)

      As others have noted, it's all about money.

      If there were a "blind drop", and enough individuals would send (and read) gibberish posts, the TLAs could chase their tails until they decided to abandon such nonsensical efforts.

      Who knows, perhaps one could put a little wheat in with the chaff? That possibility would give them nightmares.

      I wish the gubmitt would spend more resources on improving life and respecting individual (as in living, breathing people) rights.

      --
      Mas cerveza por favor.
      • (Score: 0) by Anonymous Coward on Monday February 19 2018, @12:14AM

        by Anonymous Coward on Monday February 19 2018, @12:14AM (#639880)

        If there were a "blind drop", and enough individuals would send (and read) gibberish posts, the TLAs could chase their tails until they decided to abandon such nonsensical efforts.

        Aha, I knew there had to be more to that one ACs posts!

  • (Score: 2) by pipedwho on Sunday February 18 2018, @06:44PM (3 children)

    by pipedwho (2032) on Sunday February 18 2018, @06:44PM (#639772)

    The problem with this is that a law that is able to ‘forbid’ encryption is equally capable of forbidding this approach. They simply update the screed to include “...or otherwise indecipherable...”. And with the stroke of a pen your technological solution to a political problem has been rendered ineffective. The solution is to argue on philosophical, political and logical grounds.

    • (Score: 2) by janrinok on Sunday February 18 2018, @11:27PM (1 child)

      by janrinok (52) Subscriber Badge on Sunday February 18 2018, @11:27PM (#639853) Journal
      'otherwise decipherable' can only be applied to a cipher. This isn't a cipher. Where is the law that says I cannot send the first character of each word in the first story published on SN each day? Or the second character, or the third story?
      • (Score: 2) by pipedwho on Monday February 19 2018, @01:13AM

        by pipedwho (2032) on Monday February 19 2018, @01:13AM (#639896)

        There are no laws requiring backdoored crypto at the current time. If the government decides to pen some laws and you find a technologically exploitable loophole, you can be sure that at some time shortly beyond that, that the hole will be plugged (well, at least for anyone that isn't part of the 'ruling class').

        It doesn't matter how they do it, or the exact wording. The problem is arguing along this line of reasoning is futile.

        If they can somehow legally ban all encryption for communications and otherwise require broken and back-doored crypto for the masses, then it isn't a far stretch that they can subsequently also make it illegal to transmit random nonsensical data.

        The real arguments here should be about the legality and ethics from a civil rights perspective, and other external side effects of making effective cryptography illegal. For example, the first and fourth amendments to the US Constitution have something to say about this. And traditionally it has been an assumed right for people to communicate privately. Then for side effects; every crime organisation and foreign government will soon end up with access to everyone's communications. And criminals will just continue to use effective crypto anyway, even if it has to be coupled with steganography, thus driving the problem into the dark.

        I personally don't want to have to resort to steganography to send sensitive messages (eg. design details, or pricing structures, etc) to clients to avoid rival organisation(s) (or governments) from intercepting and deciphering my messages. And for some channels of R&D and otherwise valuable information, there are big financial incentives to obtain access. Imagine the enormous monetary (and political) value of escrow keys, or back door access to a government security key database. With rewards like that, it's only a matter of time before the 'wrong' people have access.

        And by definition, for me the 'wrong' people are everyone besides the intended recipient(s).

    • (Score: 0) by Anonymous Coward on Monday February 19 2018, @02:14AM

      by Anonymous Coward on Monday February 19 2018, @02:14AM (#639922)

      So Trump gets arrested for covfefe? And kids get interrogated by the FBI because agents can't understand the new lingo? People who can't spell get sent to prison?