SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1984
FBI Director Christopher Wray said Wednesday that unless the U.S. government and private industry are able to come to a compromise on the issue of default encryption on consumer devices, legislation may be how the debate is ultimately decided.
"I think there should be [room for compromise]," Wray said Wednesday night at a national security conference in Aspen, Colorado. "I don't want to characterize private conversations we're having with people in the industry. We're not there yet for sure. And if we can't get there, there may be other remedies, like legislation, that would have to come to bear."
Wray described the issue of “Going Dark” because of encryption as a "significant" and "growing" problem for federal, state and local law enforcement as well as foreign law enforcement and intelligence agencies. He claims strong encryption on mobile phones keeps law enforcement from gaining access to key evidence as it relates to active criminal investigations.
Source: FBI director: Without compromise on encryption, legislation may be the 'remedy'
(Score: 4, Interesting) by takyon on Monday July 23 2018, @12:19AM (2 children)
Wray and his predecessors talk about compromise because they don't have the leverage. Businesses don't want an encryption ban/circumvention/backdoor law. Congress apparently doesn't want it either, because they haven't passed one yet. The FBI would love to shame companies into submission, but that didn't really work with Apple. So they are having chats and "thinking" out loud at conferences.
Enforcing a law will be difficult. Probably anyone who wants to securely* communicate with each other using encryption or encrypt their file system will continue to do so, but if you get caught in relation to other computer crimes, they will just have another charge to throw at you along with the rest of the book.
The summary implies that the FBI is trying to convince the major tech companies to voluntarily backdoor. That could probably work, but people can be moved to other services or manually encrypt. Although many users are stupid, you might be surprised at what they are capable of if you give them a little help. Package end-to-end encrypted communications in a convenient app not hosted on Google Play, or on a web site, or desktop application, and people will show interest in it. Actual terrorists, anarchists, and other misfits who really need secure communications will probably do a little more research to get what they need (or they might be naturally selected by an American drone [soylentnews.org]). In the end, FBI will probably still seek a ban.
As far as encrypted phones go, there may be a sweet spot for the hardware/software version where it is apparently not vulnerable to the FBI (like older models such as iPhone 5C are) but it can't be updated to remove encryption capabilities (think of all those phones that only receive updates for a year or two). The longer this encryption war gets waged, more people will have access to "full disk" encrypted phones. And if a ban happens or major manufacturers like Samsung and Apple cave to pressure, you could try using a foreign phone (hmmmmm, maybe that's why intelligence agencies [soylentnews.org] don't want the likes of ZTE and Huawei to compete in the US market).
*To the extent that the software/encryption actually works (think Mujahedeen Secrets, which is said to be laughably insecure), and without other vulnerabilities in play (often undermining the Going Dark narrative). Quantum computing could also be breaking RSA soon, and you can bet that the NSA will be one of the first customers.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Monday July 23 2018, @03:00AM (1 child)
Swaying the business community then may be what the misogynerd narrative is all about. We'll see it again in full force the next time the D team is in power.
How many people in management positions understand that compromise and encryption are as compatible as a screen door on a submarine? None.
Discredit the professions who understand that compromised encryption is a screen door on a submarine, and management will overrule them,
just as easily as a janitor is overruled.
If hacks begin exploding, then we know who is really at fault: those incels who overcomplicate coding beyond a three week boot camp specifically to exclude women. The manly men in management won't listen to any more bullshit from the boys who can't get laid.
(Score: 2) by PiMuNu on Monday July 23 2018, @09:11AM
Most large businesses have a Director of IT or similar who does know which end of a ssh tunnel is which, who can advise CEO/equivalent. CEO is probably reasonably switched on for most outfits.