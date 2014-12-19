from the task-the-NSA-with-making-it dept.
Senate Judiciary Committee Interrogates Apple, Facebook About Crypto
In a hearing of the Senate Judiciary Committee yesterday, while their counterparts in the House were busy with articles of impeachment, senators questioned New York District Attorney Cyrus Vance, University of Texas Professor Matt Tait, and experts from Apple and Facebook over the issue of gaining legal access to data in encrypted devices and messages. And committee chairman Sen. Lindsey Graham (R-S.C.) warned the representatives of the tech companies, "You're gonna find a way to do this or we're going to do it for you."
The hearing, entitled "Encryption and Lawful Access: Evaluating Benefits and Risks to Public Safety and Privacy," was very heavy on the public safety with a few passing words about privacy. Graham said that he appreciated "the fact that people cannot hack into my phone, listen to my phone calls, follow the messages, the texts that I receive. I think all of us want devices that protect our privacy." However, he said, "no American should want a device that is a safe haven for criminality," citing "encrypted apps that child molesters use" as an example.
"When they get a warrant or court order, I want the government to be able to look and find all relevant information," Graham declared. "In American law there is no place that's immune from inquiry if criminality is involved... I'm not about to create a safe haven for criminals where they can plan their misdeeds and store information in a place that law enforcement can never access it."
(Score: 0) by Anonymous Coward on Sunday December 15, @06:24PM (4 children)
One of the things that was said was grabbing encryption keys stored in a way that is accessible if you have physical, hardware, disassemble-the-phone access.
This obviously doesn't apply to Facebook/whatsapp - things that are entirely software - but what about the hardware phone? Isn't it plausible to have a special pin on Apple's encryption chip that can be used to read out the internal secret key and decrypt the data?
Drawbacks are theft of phone, and you have to destroy the phone to get access to the data. You dump the data, read the private key, and decrypt.
Whereas shared secrets have their obvious drawback, what is the argument against such physical key exposure? The only one that i can think is if a determined attacker has a good deal of money and resources to disassemble the phone, read a key, and decrypt the data - and they're willing to steal a phone to get to it. Probably not going to affect government officials as much, but this might apply to wealthy business leaders.
(Score: 0) by Anonymous Coward on Sunday December 15, @06:34PM
If there is a way to get to your special "decrypt" pin by taking the phone apart...it won't be long before some clever hackers work out how to get to that pin without ruining the phone. Maybe a tiny hole is drilled in just the right spot? Or some other clever way.
(Score: 0) by Anonymous Coward on Sunday December 15, @06:37PM (1 child)
Lindsey Graham was "surprised" that the FBI abused the FISA courts to start a farcical investigation of Trump, apparently he will also be "surprised" when they abuse this.
(Score: 0) by Anonymous Coward on Sunday December 15, @06:56PM
One would think US citizens would appalud efforts to root out treasonous corruption, yet here we are. #SAD #LowPatriotism
(Score: 2) by sjames on Sunday December 15, @06:45PM
Bad guy steals your phone, wrecks it getting the secret key, hoovers your bank account and offers not to share embarrassing but perfectly legal secrets with your contact list for only $2000 in bitcoin...
(Score: 0) by Anonymous Coward on Sunday December 15, @06:38PM
No need to, Senator, it's already been done and you can't undo it. Now get back to your afternoon nap.