SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1984
"We have an ongoing dialogue with a lot of tech companies in a variety of different areas," he [Rod Rosenstein] told Politico Pro. "There's some areas where they are cooperative with us. But on this particular issue of encryption, the tech companies are moving in the opposite direction. They're moving in favor of more and more warrant-proof encryption."
[...] In the interview, Rosenstein also said he "favors strong encryption."
"I favor strong encryption, because the stronger the encryption, the more secure data is against criminals who are trying to commit fraud," he explained. "And I'm in favor of that, because that means less business for us prosecuting cases of people who have stolen data and hacked into computer networks and done all sorts of damage. So I'm in favor of strong encryption."
[...] He later added that the claim that the "absolutist position" that strong encryption should be by definition, unbreakable, is "unreasonable."
[...] Rosenstein closed his interview by noting that he understands re-engineering encryption to accommodate government may make it weaker.
"And I think that's a legitimate issue that we can debate—how much risk are we willing to take in return for the reward?" he said.
(Score: 4, Interesting) by wonkey_monkey on Sunday November 12 2017, @12:38AM (6 children)
...JTAO QCNC ZLNH W
If we all have reasonably unbreakable encryption, then you'll have even less business because you won't even need to bother trying to decrypt anything! You can all go home early on a Friday!
Encryption that is not unreasonably breakable is not strong.
systemd is Roko's Basilisk
(Score: 1, Interesting) by Anonymous Coward on Sunday November 12 2017, @01:05AM (2 children)
There's things they could do that would result in "strong encryption" from anybody who doesn't have access to the device, that would severely weaken it if somebody could take it apart. Nobody does that because we don't really want phones and devices that can just be stolen and cracked in a few minutes. Ideally, it would take so long to break into the device that the data would no longer be of any value.
Having a second private key that's hardwired into a section of the phone that's not accessible would allow people in easily if they have the phone, but barely reduce the strength of the encryption to people who don't have the phone in their possession.
(Score: 3, Insightful) by MostCynical on Sunday November 12 2017, @02:15AM (1 child)
Does this mean you have your passwords written on your monitor? Having a key ON the device seems to be the same thing...
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 0) by Anonymous Coward on Sunday November 12 2017, @03:38PM
It doesn't imply that. It would imply having the password stuffed inside of the monitor.
The second point is really a question of what you're trying to protect against. If it's just casual theft, it would be fine, if it's law enforcement it's a huge problem.
And there's no need for it to be in cleartext, it could be a certificate.
(Score: 2) by maxwell demon on Sunday November 12 2017, @03:27PM (2 children)
I'm sure that's not what you wanted to write. Indeed, I think it's very much the opposite of it. ;-)
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by wonkey_monkey on Sunday November 12 2017, @07:39PM (1 child)
Replace "not unreasonbly" with "reaonably" and see what I mean.
systemd is Roko's Basilisk
(Score: 2) by maxwell demon on Sunday November 12 2017, @07:45PM
I'm not sure that is a valid parse; if it is, your sentence is still hopelessly ambiguous.
The Tao of math: The numbers you can count are not the real numbers.