
The Government Wants A Backdoor Into Your Online Communications - zoowar
https://www.eff.org/deeplinks/2013/05/caleatwo
======
yajoe
For those who are skeptical about these conspiracy theories, I've tried to
explain why large vendors accede in a previous post and got great skeptical
questions: <https://news.ycombinator.com/item?id=5706695>

tl;dr -- Most large public services you use (Skype, Exchange, likely Gmail,
etc) have backdoors.

Large vendors believe they have to respond to subpoenas or face public
obstruction or co-conspiracy charges. As a result, they place these backdoors
to avoid the PR or believe they are required to play by the US govt's rules.
They may not be realtime backdoors, and they may require a bunch of
processing, but it is possible to read most messages sent through large,
popular systems (both voice and text like email, sms, chat). I think everyone
is waiting for a major court ruling or congressional bill to clarify what's
what.

snippet of previous post to explain the vendor's mentality:

> The govt comes by with a subpoena (secret, classified, or public) and
> requires Microsoft or the customer company to produce communication records
> that exist in a form that may be used as evidence. Failure to do so is best
> contempt of court and worst obstruction of justice. No 5th amendment
> privilege for other people's crimes [and prior to last year's ruling, it was
> assumed that passwords (or private keys) could be compelled for _any_ reason
> in the US, and systems were built with that assumption]. So everyone who
> chooses to store or process messages makes it so the encryption is
> reversible and they can honor court requests. Nothing is private as a
> result.

> There is not yet a way to build a messaging service that has both features
> [content-aware features like URL detection, spell-checkers, web browsing for
> dumb clients, targeted ads to fund free services, etc] AND [pure] privacy
> [in the US].

~~~
jlgreco
_(I'm one of the guys that was talking with you in that link)_

To be clear, I think that vendors make their services "backdoorable" because
they want to extract revenue from them and attract consumers. Once they have
the capability, the government can then capable of compelling them to comply.
I don't think the government is compelling them to build the capability in the
first place.

To use a concrete example, Bitlocker is presumably not backdoored by Microsoft
and I don't believe that the government has any (public) laws that would allow
them to compel Microsoft to modify Bitlocker in such a way. Microsoft's
refusal to backdoor Bitlocker could not get them into any sort of official
trouble. If Microsoft had Bitlocker backdoored already for whatever reason
(say, customer service data recovery), then the government could compel them
to comply them to unlock drives.

I don't think we really disagree on anything substantial.

~~~
btilly
_To be clear, I think that vendors make their services "backdoorable" because
they want to extract revenue from them and attract consumers._

I disagree. Most are "backdoorable" because it is easier to build a service
that way.

For instance consider gmail. The hard requirement is that a person armed with
a user name and password can login from a browser and get access to that
email. The common requirement is that a person armed with the right cookie can
get that email. Now in theory you could encrypt all of the emails on the
server, but now your operations costs went through the roof. However if you
store them in plain text then you can use smart indexing, and your operations
costs are much more manageable.

However once you've decided to have plain text files on your server, EVEN IF
you aren't doing anything with them other than storing/sending them to the
user, you're now able to backdoor those files, and hence can be compared to by
a court.

There have been many email systems out there. Open source (qmail, sendmail,
etc), proprietary (Exchange, Dovecot, etc), hosted in the cloud (Hotmail,
Gmail, etc), hosted at your company (Exim, Oracle Communications Messaging
Server, etc), built on top of platforms not meant to do email (Lotus Notes
being a prime example) and so on.

Every single one of the ones I named and many, many, more stored data in plain
text and legal discovery could be compelled on them. Simply because that was
the easiest way to build them. There are exceptions, but they are exceptions
because they were meant to be. Hushmail comes to mind. However even there,
even when it was designed to store data in encrypted format, if the government
can find a way to force you to extract data, they will push you to do so. (See
<http://en.wikipedia.org/wiki/Hushmail> for a description of the way in which
the government got Hushmail to capture plain text, even though the data was
stored in plain text.)

The moral? Often the government has access not because evil profit-mongering
corporations did wrong, but simply because obvious technical decisions leave
them able to do so. And this can be true even when those corporations made a
good faith effort to make that impossible.

~~~
declan
This is well said. The thing is, though, that it was the non-Java version of
Hushmail that was exploited by the Feds. The fact that it could be exploited
shouldn't cast the end-to-end secure version in a negative light.

So who at Google is going to code an encrypted Gmail in their 20% time? Paid,
of course, because the server won't know what ads to show. (You could put that
intelligence in the client, but it seems a privacy-sensitive clientele
wouldn't like even that info to leak.)

~~~
kamjam
I'm sure Google already has an encrypted version of their Gmail service, but
why would they shoot themselves in the foot and loose all that Ad revenue?

You _could_ put that intelligence in the client, but there is only so much
analysis you do do using JavaScript, I'm sure the computing power they have
available on their servers is phenomenal, and add to that a huge databank of
information they have available to be able to better match those ads to you.
And you've already mentioned the privacy issue...

~~~
declan
Google would choose to lose "all that ad revenue" if they could replace it
with sufficient, and probably more lucrative, non-ad revenue through paying
customers.

------
rhizome
Boiling frog. As long as digital freedoms remain unlegislated, government will
circumscribe ever-shrinking boundaries with and without the help of industry.
It will continue forever until and unless the freedoms are enshrined into law.

------
ISL
Backdooring major services may lead to the mass adoption of encrypted systems.
Not immediately, of course, but after the leaks start. Who'd use a backdoored
Google Drive for proprietary information when they could use SpiderOak?

Can't stop the signal, Mal.

~~~
betterunix
The FBI is asking for backdoors on the client side of secure communication
systems. Did you think they forgot about the 90s?

The difference today is this: lots of people are buying restricted computers
(tablets, smartphones, even some laptops), and it would not be hard for the
government to push backdoors into software distributed via the "app store
model." This time there is actually a chance of the Justice Department getting
their way.

~~~
DenisM
Android is not restricted, not yet at least. But I see your point, and it's
rather alarming.

~~~
venomsnake
Unless you create your own raspberry pi to used as a (sanctioned from you)
mitm proxy that encrypts the paintext on any communication you send to the
online services. So basically google get already encrypted mail that only the
receiver can decrypt.

So it will go like this - I write hi on the IM client, the Pi intercepts the
protocol unpacks the hi encrypts it with the private key, sends some base64 to
the server who then translates it to the receiver that has similar device
installed which does the decryption.

It is not perfect but it can be done. And I am sure Mr Schneier can think of
something much better in its sleep.

------
zokier
Open-source end-to-end encrypted communications. Using it is not rocket
science. You should not trust legislation and goodwill of service providers
for your privacy. Take the power to your own hands.

~~~
X4
Can you share all the effective and easy to use tools you know here please?

~~~
zokier
GPG is the number one tool of course. For IM-like functionality OTR (over
XMPP) seems to be the preferred protocol, you could use eg Jitsi as the
client. For (mobile) voice there is RedPhone and SilentCircle. Both are fairly
new so I wouldn't be 100% confident on them but they are made by experts and
lay on very strong foundations.

------
Fuxy
Could some hackers please hack the police wiretapping systems already in place
the government doesn't seem to understand the threat to our security and
anonymity this poses without a demonstration.

No system is completely secure including the wiretapping system which
introduces one point of failure not to mention incredible power for a not so
benevolent dictator.

If Hitler were alive today we would all be screwed by now so how long do you
reckon it would take for another man like him to rise to power? I would give
it maybe 5 generation and I'm being generous here. Given how China is behaving
right now drunk on power i don't think we're going to have to wait that long.

------
antihero
Do there yet exist tutorials that the average Joe can follow for PGP/GnuPG?

~~~
6d0debc071
That they can follow? Yes. I think Gwern's got a fairly simple rundown on her
silk road article on her website. That they can make practical use of for day
to day? Not really, no.

------
drawkbox
I agree crypto on personal and business communication by default would be
great, but it won't do much to truly protect the data from national security.

If using NSA approved crypto they'd love that such as RSA.

It's newer algorithms like PGP in the 90's that actually protect (or did) or
extreme military grade encryption. Trapdoors and algos that can be broken by
the NSA are more preferred and don't get the Zimmerman treatment because of
that. If I were the NSA I'd do the same thing, it is their job.

There really is no way to fully encrypt that isn't undoable by the NSA. As
long as it is only the NSA and not some other competitor spying on business
ideas and private communications. Trapdoors for national security are
typically in the software or a known flaw that makes it easier to decrypt and
recover this information, obtain keys or enter the system to trigger and get
the needed information to reverse. There are ways to trigger these modes
within the software, software to be used by the NSA has to be approved by
them. There is a reason you are subject to all sorts of scrutiny if you don't
use approved algos/software wherever you do encryption/decryption (even when
you upload a new app you are asked this and can cause problems if you aren't
using the system crypto libraries).

<http://www.rsa.com/rsalabs/node.asp?id=2188>
<http://www.rsa.com/rsalabs/node.asp?id=2240>

If you want to test this, simply make your own crypto lib and send some comms
to a bad place in current geopolitics (I don't recommend it). Soon you will
get a visit from the FBI and you may get the Phil Zimmerman treatment. Again,
can't fault them, it is their job, but understand nothing is truly secure from
national security. Yes it might be impossible for other businesses to read it
or individuals but not the organization that employs the greatest
cryptographers of all time.

~~~
ds9
Where do you get the claim that NSA can reverse cryto that is generally
believed unbreakable? Maybe you meant to refer to DSA, which is deprecated, in
this line: "If using NSA approved crypto they'd love that such as RSA". RSA is
used today for SSH keys.

How about links supporting the claims about NSA? I don't doubt they're trying
to break any encryption as far as possible, but the statement that they
definitely can break anything needs some evidence.

~~~
drawkbox
The algorithms may be secure, the software isn't always, much like backdoors
in software so to can the libraries that do the encryption even outside the
software (Windows even had an NSA backdoor in the 90's -
[http://slashdot.org/story/99/09/03/0940241/nsa-backdoor-
crea...](http://slashdot.org/story/99/09/03/0940241/nsa-backdoor-creates-
security-hole-in-windows)). They confirm nor deny this but I ask you if you
were a national security cryptography agency what would you be doing?

Some papers on some techniques, even modes that make weaker key generation:
<http://www.cryptovirology.com/cryptovfiles/newbook.html>

The last real non NSA approved system was PGP in early 1990's, look up Phil
Zimmerman and understand that if you create a system that the NSA has trouble
peering into if needed (sometimes with considerable processing power) you will
be contacted.

<http://www.rsa.com/rsalabs/node.asp?id=2316>

"As the premier cryptographic government agency, the NSA has huge financial
and computer resources and employs a host of cryptographers. Developments in
cryptography achieved at the NSA are not made public; this secrecy has led to
many rumors about the NSA's ability to break popular cryptosystems like DES
(see Section 3.2), as well as rumors that the NSA has secretly placed
weaknesses, called ``trapdoors,'' in government-endorsed cryptosystems. These
rumors have never been proved or disproved. Also the criteria used by the NSA
in selecting cryptography standards have never been made public."

There would never be definitive evidence and if so it would cause huge
problems, for most communications including fast SSL/HTTPS exchanges for
business or regular private communications this is not a worry. Most
encryption is good enough for that level of communication, there is a reason
though the military for sensitive information is using much greater levels and
systems for crypto than consumer grade. Just don't be naive to think the NSA
can't right now read all of your communications encrypted or not through many
avenues trapdoors, backdoors in libraries, taking over computers to get
private keys (all keys are stored somewhere and all passwords have to be typed
in at some point) etc.

~~~
nearengine
Do you have any further info on "the military for sensitive information is
using much greater levels and systems for crypto than consumer grade"?

From what I understand, the DoD standard is AES 128.

~~~
drawkbox
For commercial and FIPS supported that works, also for SECRET data. AES 192
and 256 are approved for TOP SECRET data.
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Se...](http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Security)

However I am pretty sure noone is uploading target coordinates or guiding
missiles using AES 256 even, it seems. I could be wrong but I would assume
something greater.

It is assumed the NSA, other than side channel attacks, cannot break AES as of
2006, still it is getting close.

"AES has 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds
for 256-bit keys. By 2006, the best known attacks were on 7 rounds for 128-bit
keys, 8 rounds for 192-bit keys, and 9 rounds for 256-bit keys.[11]"

------
darxius
You know, part of me wants this to happen. It will force a lot of high profile
technology companies (and spawn new ones) to adopt end to end asymmetric
encryption. Of course, this is idealistic, but there could be some good to be
gleaned from it.

~~~
wmf
Huh, I had the opposite interpretation. If you have end-to-end crypto then
you'd have to add a backdoor, but if you have weak or no crypto then your
system will need little or no change.

------
pron
I actually feel much worse with the fact that large corporations with no
oversight, who knows what kind of security, no counter-intelligence and little
if any background checks on employees, have a front-door entrance to my data.
Think about this: how hard would it be for a crime organization to put some
Google employees on their payroll and use them to get personal information on
just about anyone. How hard would it be for them to threaten a Google employee
to provide them with information? So now the government wants in? Join the
party.

I'd actually be happy, though, if the government put in place some/more
regulation on companies that collect so much personal data.

~~~
clubhi
It is difficult to get traceable user information at companies like Google. In
my experience startups do little or nothing to protect this data. They also
would be the ones likely to put a vulnerable backdoor in a product just to
meet some government mandate.

------
gasull
This is why we should use Bitmessage.

<https://bitmessage.org/>

PPA for Ubuntu or Debian:

<https://launchpad.net/~fuzzgun/+archive/pybitmessage>

------
brownbat
Encryption is hard to implement right, but by its nature, it can be
implemented at the ends, outside of the transmission network.

Ironically, one of the groups working hardest to enable and promote end-to-end
secure communications technology is NIST, ie, "the Government."

~~~
AnthonyMouse
>Ironically, one of the groups working hardest to enable and promote end-to-
end secure communications technology is NIST, ie, "the Government."

I don't see the irony. It's just the nature of government. The government
isn't one person, it's competing factions with conflicting interests.

The ideal in cryptography is to minimize the attack surface and eliminate
vulnerabilities. If NIST adopts poor cryptographic standards which fail in
that regard then they lose face and risk having their dominion over those
matters reduced. Their incentives therefore align well with those of the
general public.

On the other hand, the FBI's job is to put humans in prison. Security
vulnerabilities are their friend because they're often legally allowed to
exploit them. And as a bonus, the bad guys can exploit them too -- more bad
guys (real or imaginary) means larger law enforcement and defense budgets.

~~~
brownbat
Agreed, this was what I was pointing out. Government is a complex and
multifaceted enterprise, but people often treat it as a monolith, especially
in conspiracy theories.

There's a great line in "What Chinese Hackers Get Wrong About Washington:"

 _This is the most pervasive of of all Washington legends: that politicians in
Washington are ceaselessly, ruthlessly, effectively scheming. That everything
that happens fits into somebody’s plan. It doesn’t. Maybe it started out with
a scheme, but soon enough everyone is, at best, reacting, and at worst,
failing to react, and always, always they’re doing it with less information
than they need.

That’s been a key lesson I’ve learned working as a reporter and political
observer in Washington: No one can carry out complicated plans. All parties
and groups are fractious and bumbling. But everyone always thinks everyone
else is efficiently and ruthlessly implementing long-term schemes._

[http://www.washingtonpost.com/blogs/wonkblog/wp/2013/02/25/w...](http://www.washingtonpost.com/blogs/wonkblog/wp/2013/02/25/what-
chinas-hackers-get-wrong-about-washington/)

------
X4
Given that the Government has already back-doors in nearly all of your
communication. How would they utilize it? What would their benefit be?

That's nothing but Psychopathic behavior!! Someone wanting to know everything
about you, just because there could something be that could harm you, or there
could something be that you could use to profit from. That's sick!

You put 99,9% of the population into quarantine, because 0,01% is infected,
thus harming all.

Then there is this obsession of some even more psychopathic citizens that act
as a voluntary traitor, just to get attention. Remember the volunteers who
helped to reveal the identities of demonstrators in the UK.

When I see an IT-Expert, I won't ask him to fix my computer just because he
can, but people do. They don't care about the time and effort someone has to
offer for you for free. They require it, because they believe they can require
it. IT-Experts usually don't have high self-esteem which allows many people to
put knives into the backs of those IT-Experts. That's the same egoism that the
Government has, it believes to stand above the human rights.

Well it's sad, but in the US you've given up on privacy more or less, because
everybody thinks about his own profit and not being willing to share a dime of
your profit, even in theory, allows politicians to reform the law into
something stinky. But politicians profit from doing that, because the suggest
stinky compromises. Someone has to break this cycle. If I said that in an
uneducated channel, people would say: "stupid communist" or something. But in
reality I believe that people should just be friendlier to each other. Why is
that so hard to understand. :( This makes me truly sad.

I live in a world where I have to use simpler and simples words, just because
my surrounding doesn't understand common words anymore. The overall IQ is
getting lower and lower, so low that I cannot use metaphors, sarcasm, irony
and even folk wisdom anymore, because people are completely unaware of them.
Knowing that these people would accept this law, because they don't care,
don't read, don't think on their own is sad. People don't start thinking on
their own, they agree on others or more popular people say, as if this was
fully acceptable and logical. I am so happy when I hear about services like
<http://udacity.com> because I hope the next generation won't dumb down like
this generation. Way too many children fail at school, way too many pupil
don't get higher education. The gap is becoming greater, your heritage becomes
your identity.

Orwell laid it out dangerously obvious in his novel. Most of it got real.
Let's hope that the day "Lies" become "Truth" never arrives.

We blame China, while we export the technology for it. We blame China while we
implement that censoring infrastructure into our own Governments.

Hypocrites.

