Former FBI General Counsel Jim Baker, who was known for prosecuting the legal case against Apple to get them to unlock the San Bernardino shooter's iPhone, has published an extraordinary essay on Lawfare where he surprisingly argues rather for strong encryption without government back doors.
From Schneier on Security:
In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities -- including law enforcement -- to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.
[...] I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace.
[...] All public safety officials should think of protecting the cybersecurity of the United States as an essential part of their core mission to protect the American people and uphold the Constitution. And they should be doing so even if there will be real and painful costs associated with such a cybersecurity-forward orientation. The stakes are too high and our current cybersecurity situation too grave to adopt a different approach.
Baker joins the growing list of former US law enforcement and national security senior officials who have come out in favor of strong encryption over backdoors, such as former NSA directors Gen. Michael Hayden and V. Adm. Mike McConnell, former DHS secretary Michael Chertoff, Counter-Terrorism adviser Richard Clarke, former Secretary of Defense Ash Carter, and former deputy Secretary of Defense William Lynn.
Related Stories
Judge Orders Apple to Unlock iPhone Belonging to San Bernardino Shooter
Apple has been ordered to assist in the unlocking of an iPhone belonging to one of the San Bernardino shooters. This may require updating the firmware to bypass restrictions on PIN unlock attempts:
Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to one of the San Bernardino shooters in California. US magistrate Sheri Pym says Cupertino must supply software that prevents the phone from automatically annihilating its user data when too many password attempts have been made.
The smartphone belonged to Syed Farook, who with his wife Tashfeen Malik shot and killed 14 coworkers on December 2. The couple died in a gun battle with police soon after. Cops have been unable to access Syed's iPhone 5C because they do not know the correct PIN, and will now gain the assistance of Apple, as ordered by Judge Pym [PDF] on Tuesday.
iOS 8 and above encrypts data on devices, requiring a four to six-digit PIN to unlock. After the first few wrong guesses, iOS waits a few minutes between accepting further PIN entry attempts, escalating to an hour's delay after the ninth failed login.
[...] Judge Pym wants Apple to come up with some magic software – perhaps a signed firmware update or something else loaded during boot-up – that will allow the FBI to safely brute-force the PIN entry without the device self-destructing. This code must only work on Farook's phone, identified by its serial numbers, and no other handset. The code must only be run on government or Apple property, and must not slow down the brute-forcing process.
Apple has five days to appeal or demonstrate that it cannot comply with the order. It is crucial to note that the central district court of California has not instructed Apple to crack its encryption – instead it wants Apple to provide a tool to effectively bypass the unlocking mechanism. "It's technically possible for Apple to hack a device's PIN, wipe, and other functions. Question is can they be legally forced to hack," said iOS security expert Jonathan Ździarski.
(Score: 0, Interesting) by Anonymous Coward on Wednesday October 30 2019, @02:30PM
https://www.washingtonexaminer.com/news/former-fbi-lawyer-james-baker-cooperating-with-doj-inspector-generals-fisa-abuse-investigation [washingtonexaminer.com]
He seems to know what the corrupt FBI agents have been up to.
(Score: 2) by opinionated_science on Wednesday October 30 2019, @02:49PM (7 children)
I must confess the whole AMD "RAND" bug got me thinking - what if the backdoor is simply a way of gaming random number generation so that keys are a *tiny* bit predictable.
Hence, they can come out and say "Everyone use secure stuff, we love you!" and in actual fact, they have already have a backdoor.
I am a little shocked the Linux kernel doesn't test the random numbers on boot, but hey, I guess they will now...
(Score: 0) by Anonymous Coward on Wednesday October 30 2019, @03:00PM
Hmm, interesting you are concerned about an optional non-issue when there are much bigger ones at stake (Intel me, amd psp, etc).
In fact AMD's implementation may be "buggy" because it was designed by Intel to have a backdoor to begin with: https://en.m.wikipedia.org/wiki/RDRAND [wikipedia.org]
(Score: 2) by Freeman on Wednesday October 30 2019, @04:02PM (3 children)
There's no such thing as that, it's either reproducible/predictable or it isn't. Now, perhaps it's only predictable in XYZ scenario, but '"tiny" bit predictable' seems like any oxymoron.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by c0lo on Wednesday October 30 2019, @04:41PM
Meh, maybe it's a brit mannerism. You know? like "yo momma is quite a bit overweight"
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Insightful) by vux984 on Wednesday October 30 2019, @06:15PM
"There's no such thing as that, it's either reproducible/predictable or it isn't"
For a simplified example, If I define a true random number generator that produces 8 bit random numbers, then it will produce random numbers from 0 to 255.
If my generator has a defect such that every 61st number it generates has a 55% chance setting the lowest bit to 1. It will produce random numbers from 0 to 255, but every 61st number is slightly weighted toward being odd.
That is a 'tiny bit predictable'. You don't know what odd number it will be, you don't even know whether it will be odd, and it ONLY affects every 61th number.
And if you are using it to generate 1024 bits of randomness by calling it 128 times then you will only actually get 1022 random bits. And the other 2 bits are slightly weighted. At best you can use this knowledge of the flaw to improve the average case performance of a brute force search a little.
(Score: 2) by stormwyrm on Thursday October 31 2019, @04:04AM
If I had loaded dice, say, one which is weighted such that 6 comes up more often, then their outcome is easier to predict than dice that are completely fair, i.e. a "tiny bit predictable". An unloaded, completely fair die has six possibilities, each of which has a probability of ⅙ of appearing. Now, if we loaded the die such that a 6 would come up with a higher frequency than any other result, say, we make it such that it appears on average three times out of every four rolls. So now, the probability of rolling a 6 becomes ¾, while rolling anything else has a probability of 0.05. So now it becomes a lot easier to predict the roll. In the same way, if we had a random number generator circuit (this is a particular project of mine, see my journal for details) doctored such that four bits out of eight are actually generated according to a very simple sequence (e.g. they are easily derived from each other), it would become fairly easy to predict cryptographic keys derived from it. If it were used to generate 128 bit keys, 64 bits of the key would be easily derivable, and so the brute-force attack is only 64 bits worth, not so infeasible.
Numquam ponenda est pluralitas sine necessitate.
(Score: 1, Insightful) by Anonymous Coward on Wednesday October 30 2019, @06:17PM (1 child)
Maybe not, other than adding another bug flag to /proc/cpuinfo. How do you propose to tell whether a random number generator is compromised? It could be more maliciously compromised than what AMD did.
15 years ago or so ago, when the first hardware RNGs came packaged on CPUs, I believe Linus made the right decision to only keep the hardware RNGs as one source of random data in a pool of many other sources.
(Score: 0) by Anonymous Coward on Thursday October 31 2019, @07:03AM
One of the kernel configuration options is whether or not to trust the CPU's RNG.
It would not make sense to attempt to test this on the fly, as if it were that easy to detect, someone would have already done so. If the RNG is compromised, it has to be done in such a way that no one can prove it.
(Score: 3, Insightful) by fustakrakich on Wednesday October 30 2019, @02:49PM (12 children)
We don't need anybody's approval to use strong crypto. We simply just use it and ignore the tyrants that say, no you can't
La politica e i criminali sono la stessa cosa..
(Score: 5, Insightful) by DannyB on Wednesday October 30 2019, @03:53PM (11 children)
I hate to say this.
Because if you ignore the tyrants, they will make your freedoms illegal. Then they'll use the overwhelming force of government to come get you and lock you up -- for your safety!
First they came for the people who used EBCDIC. I did not use EBCDIC, so I said nothing.
Next they came for the people who used ROT13. I did not use ROT13, so I said nothing.
. . . see a pattern . . .
assumption: dem stupid gubmit foaks shore is ignert enough to believe EBCDIC is a form of encryption.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Wednesday October 30 2019, @04:04PM (4 children)
You used the right word.
These are not our best people. They don't care about privacy. They know that businesses won't tolerate a government threat to encryption, so they are closing that door and will support other means for the government to get what they want.
(Score: 2) by c0lo on Wednesday October 30 2019, @04:45PM (2 children)
Heh, so one needs to be a "former sumthin" to become tyrant?
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Wednesday October 30 2019, @06:51PM (1 child)
They are in the League of Shadows now.
(Score: 2) by DannyB on Wednesday October 30 2019, @07:50PM
Vorlons were also tyrants.
The lower I set my standards the more accomplishments I have.
(Score: 2) by fido_dogstoyevsky on Wednesday October 30 2019, @09:57PM
They've had those other means for a very long time [xkcd.com] (not a joke, by the way).
It's NOT a conspiracy... it's a plot.
(Score: 2) by tekk on Wednesday October 30 2019, @07:06PM
You say that like EBCDIC isn't a more useful form of encryption than ROT13 ;)
(Score: 1) by fustakrakich on Wednesday October 30 2019, @09:05PM (2 children)
Then let that be a reminder to vote for nicer tyrants
La politica e i criminali sono la stessa cosa..
(Score: 2) by DannyB on Thursday October 31 2019, @02:19PM (1 child)
So, wait . . . you're saying I should vote for the lesser of two evils?
The lower I set my standards the more accomplishments I have.
(Score: 1) by fustakrakich on Thursday October 31 2019, @05:13PM
Look for a third, then you can vote for the least evil. Of course you know there is no requirement to vote for evil at all.
La politica e i criminali sono la stessa cosa..
(Score: 2) by Azuma Hazuki on Wednesday October 30 2019, @11:13PM (1 child)
Liar. You clearly ran every alphanumeric character in that message through ROT13 *twice.* I can see the scuff marks on the flipped bits!
I am "that girl" your mother warned you about...
(Score: 2) by DannyB on Thursday October 31 2019, @02:18PM
Oh dear, I thought that the 2nd ROT13 undid the scuff marks from the first round. I wonder how ROT13 is affected when run in the Southern hemisphere where the bits circle the other direction and boolean values are inverted.
The lower I set my standards the more accomplishments I have.
(Score: 1, Insightful) by Anonymous Coward on Wednesday October 30 2019, @07:32PM (6 children)
Law enforcement's argument is that they need backdoors to stay ahead of the really bad guys. (Terrorists, drug cartels, and think of the children.)
So if you make a law to require back doors, what makes these really bad folks obey these laws when they are obviously not concerned with obeying others?
Given that the backdoors are far from free, having no answer to this question seems the best argument against them.
(Score: 2) by PartTimeZombie on Wednesday October 30 2019, @08:52PM (2 children)
Those are mostly the same arguments made during the 1990's when the US government decided encryption was naughty, and slapped export controls on strong encryption.
Of course, those of us who don't live the US carried on using strong encryption because your export controls don't apply to us, and I am assuming people within the US could download whatever tools they needed from Sweden, or Germany (or any other country not concerned with the US government's stupid rules).
These people can say or do whatever they want. It makes no difference to maths.
(Score: 2) by krishnoid on Wednesday October 30 2019, @09:18PM (1 child)
It also apparently made no difference to export controls [milk.com] either (sorry, ancient story).
(Score: 2) by PartTimeZombie on Wednesday October 30 2019, @09:59PM
I may be ancient, but it is still very interesting.
Weird sort of security theatre story really.
This guy [wikipedia.org] wrote a book about how that whole world works. It is hard going, but worth a read.
(Score: 2) by Runaway1956 on Thursday October 31 2019, @12:11AM (2 children)
That exactly. The gun rights supporters have been saying it for a long long time. Ever more draconian laws, ever more obtuse, confusing laws DO NOT make people safer. Lawbreakers are going to break the laws, no matter how liberal the laws are, or how draconian. You can stack the mystical, the draconian, the restrictive, and prohibitionary laws hundreds deep, and the law breakers will cheerfully break all of the laws. Gun free zones are worse than meaningless to those who would shoot helpless people, and encryption free zones will be the same. In fact, like gun free zones, a ban on encryption will invite the attention of those who would encrypt. And, the laws are impotent to actually stop a violator.
Laws will always be meaningless or worse, to those who would break them, and especially so when the laws are inherently meaningless.
What do I mean by "worse than meaningless"? I mean people who are lawfully going about their business, encrypting their data (or carrying a weapon) one day, become criminals the next day because an idiot law was written specifically to target those people. Overnight, thousands, or even millions of people become criminals, because someone at the capital decided, "We don't like people doing this and that, so we'll make it illegal."
In view of the fact that gubbermint has long considered encryption to be a "munition", I'm amused that people who don't care much about the second amendment are using the same arguments that second amendment supporters have been using for decades now.
(Score: 0) by Anonymous Coward on Thursday October 31 2019, @02:58PM (1 child)
As always, it's more complex than that. People will indeed continue to break laws no matter what occurs, true. But one can and does find that with increased penalties individuals might start considering whether they might consider paying the price for a given crime. Utility is real, although it doesn't always control, either because a person doesn't believe they'll be caught or isn't deterred by the penalty.
As to gun-free zones.... What they do is make anyone with a gun in them (except the police) immediately a criminal and suspect. One of the hardest things for cops to do in an active shooter environment is try to figure out who the "bad guys" are from nominal good guys who have guns and just want to help. That doesn't mean the cops just kill anyone with a gun in a gun-free zone, but it does allow them to automatically consider any non-police armed person in such an area a hostile party and does allow them to open fire if the gun holder makes the slightest hostile move. That actually protects the cops' lives, at the potential sacrifice of lives until such time as the cops can arrive.
Anyway, it's more than just "we don't like people doing that," which is under consideration here. Strong encryption can indeed facilitate crime just as it facilitates legal activities. Neither of which means it is good to outlaw either encryption or mandate the use of backdoors. It's also not "overnight" that such an action would occur - just as now a law would be passed and a date would be set for enforcement. But that's basically true for any criminal law, so just because people would become criminals because a law is enacted is no excuse to not pass a law.
But what is really means is just that your argument is flawed.
(Score: 2) by Runaway1956 on Thursday October 31 2019, @03:50PM
I don't believe it's as complex as you make it sound. People who fear and/or don't like guns want to pass laws making guns illegal. People who fear and/or don't like encryption want to make effective encryption illegal. In both cases, We the People need to send a message to Washington. We will not comply.
https://www.youtube.com/watch?v=jeOolKy-l0E [youtube.com]
(Score: 2) by krishnoid on Wednesday October 30 2019, @09:14PM
Doesn't this combine -- and in fact, produce a conflict of interest between -- separate jurisdictional domains from the extreme ends?
Seems more like all US (and global) citizens should think of getting their local and national legislatures to provide -- in the strong Murcan defense tradition -- external-actor cybersecurity protection, while robustly protecting individual rights in the fruity EU tradition.