SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1984
FBI Director Christopher Wray said Wednesday that unless the U.S. government and private industry are able to come to a compromise on the issue of default encryption on consumer devices, legislation may be how the debate is ultimately decided.
"I think there should be [room for compromise]," Wray said Wednesday night at a national security conference in Aspen, Colorado. "I don't want to characterize private conversations we're having with people in the industry. We're not there yet for sure. And if we can't get there, there may be other remedies, like legislation, that would have to come to bear."
Wray described the issue of “Going Dark” because of encryption as a "significant" and "growing" problem for federal, state and local law enforcement as well as foreign law enforcement and intelligence agencies. He claims strong encryption on mobile phones keeps law enforcement from gaining access to key evidence as it relates to active criminal investigations.
Source: FBI director: Without compromise on encryption, legislation may be the 'remedy'
(Score: 5, Insightful) by requerdanos on Sunday July 22 2018, @11:50PM (3 children)
And it might sound very reasonable for him to say such a thing; after all, compromise is good and noble and right and just. Right?
Not so fast.
With respect to disagreements, compromise means working together towards the middle ground.
But with respect to encryption, compromise means completely and utterly defeat the encryption--the opposite meaning.
Any compromise on encryption, any position except "allow and vigorously protect strong encryption", is the complete and utter defeat of encryption because anything less than state-of-the-art strong encryption is not encryption at all, but merely storing something in an inconvenient but completely retrievable format.
Wray, and those who think that "law enforcement" status means someone should be able to break the rules all they want while wearing an ironic "good guy" hat, is full of something that you would hold your nose if you had to clean it off your shoes after stepping in it. No thanks.
Support strong, uncompromised encryption, the only kind that works for anything. In the United States, encryption seals the crossroads between the fourth (no unreasonable search/seizure) and fifth (right not to self-incriminate) amendments. Without it, these federal legal protections are (even more) meaningless.
I believe in them; I believe in my rights being protected; I believe in jackasses like Wray being legally obligated to protect my rights. They clearly, as TFA demonstrates, wouldn't stand up for your rights and mine unless required to.
(Score: 4, Interesting) by takyon on Monday July 23 2018, @12:19AM (2 children)
Wray and his predecessors talk about compromise because they don't have the leverage. Businesses don't want an encryption ban/circumvention/backdoor law. Congress apparently doesn't want it either, because they haven't passed one yet. The FBI would love to shame companies into submission, but that didn't really work with Apple. So they are having chats and "thinking" out loud at conferences.
Enforcing a law will be difficult. Probably anyone who wants to securely* communicate with each other using encryption or encrypt their file system will continue to do so, but if you get caught in relation to other computer crimes, they will just have another charge to throw at you along with the rest of the book.
The summary implies that the FBI is trying to convince the major tech companies to voluntarily backdoor. That could probably work, but people can be moved to other services or manually encrypt. Although many users are stupid, you might be surprised at what they are capable of if you give them a little help. Package end-to-end encrypted communications in a convenient app not hosted on Google Play, or on a web site, or desktop application, and people will show interest in it. Actual terrorists, anarchists, and other misfits who really need secure communications will probably do a little more research to get what they need (or they might be naturally selected by an American drone [soylentnews.org]). In the end, FBI will probably still seek a ban.
As far as encrypted phones go, there may be a sweet spot for the hardware/software version where it is apparently not vulnerable to the FBI (like older models such as iPhone 5C are) but it can't be updated to remove encryption capabilities (think of all those phones that only receive updates for a year or two). The longer this encryption war gets waged, more people will have access to "full disk" encrypted phones. And if a ban happens or major manufacturers like Samsung and Apple cave to pressure, you could try using a foreign phone (hmmmmm, maybe that's why intelligence agencies [soylentnews.org] don't want the likes of ZTE and Huawei to compete in the US market).
*To the extent that the software/encryption actually works (think Mujahedeen Secrets, which is said to be laughably insecure), and without other vulnerabilities in play (often undermining the Going Dark narrative). Quantum computing could also be breaking RSA soon, and you can bet that the NSA will be one of the first customers.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Monday July 23 2018, @03:00AM (1 child)
Swaying the business community then may be what the misogynerd narrative is all about. We'll see it again in full force the next time the D team is in power.
How many people in management positions understand that compromise and encryption are as compatible as a screen door on a submarine? None.
Discredit the professions who understand that compromised encryption is a screen door on a submarine, and management will overrule them,
just as easily as a janitor is overruled.
If hacks begin exploding, then we know who is really at fault: those incels who overcomplicate coding beyond a three week boot camp specifically to exclude women. The manly men in management won't listen to any more bullshit from the boys who can't get laid.
(Score: 2) by PiMuNu on Monday July 23 2018, @09:11AM
Most large businesses have a Director of IT or similar who does know which end of a ssh tunnel is which, who can advise CEO/equivalent. CEO is probably reasonably switched on for most outfits.