
An even worse anti-encryption bill than EARN IT - abecedarius
https://cyberlaw.stanford.edu/blog/2020/06/there%E2%80%99s-now-even-worse-anti-encryption-bill-earn-it-doesn%E2%80%99t-make-earn-it-bill-ok
======
lunchbreak
A Twitter thread [1] from Matthew Green in this bill. Essentially he says that
this bill is a dead on arrival bill which is designed to make EARN IT look
like a fair compromise.

And we better not fall for it

[1]
[https://twitter.com/matthew_d_green/status/12759760840231198...](https://twitter.com/matthew_d_green/status/1275976084023119874)

~~~
calebm
This is called the "Door in the Face technique"
([https://en.wikipedia.org/wiki/Door-in-the-
face_technique](https://en.wikipedia.org/wiki/Door-in-the-face_technique))

~~~
Flenser
I'm surprised that page makes no reference to Overton Window which is also
relevant:

[https://en.wikipedia.org/wiki/Overton_window](https://en.wikipedia.org/wiki/Overton_window)

~~~
luckman212
Thanks for that. I was aware of this phenomenon but didn't know its name.
Funny, the Overton Window article does link to DITF, but not the other way
around.

------
pensatoio
These bills terrify me. A lot of stuff happens in politics that’s frustrating,
and much of it doesn’t catch my attention. There’s something about the pure
ignorance that goes into breaking encryption that I can’t comprehend. I can
understand when bills come through and the extreme differences in opinion are
the result of different interpretations of facts and truth, but when it comes
to encryption, there is no safe party. We will all suffer equally, every
political party and apolitical individual alike, once these idiots make math
illegal.

Whatever your political affiliations may be, these are grounds for r/pcm level
unity.

~~~
desmondw
I think ironically a bill like this passing would lead to more
decentralization of services -- making their goals of monitoring information
even harder.

~~~
_tw9j
They don't want to track people who will use those decentralized services.
Simple as that.

They want control over majority. Nothing else. Any legal business will be
required to do what law requires them and it will affect every citizen.

I have no hope given the stupidity of my country to do something against acts
like [1] personal data protection law or the decryption act. US going towards
that road only means it's easier to justify our country and many others to go
even higher. Soon a mandatory camera inside house for legal citizen.

1] [https://carnegieindia.org/2020/03/09/what-is-in-india-s-
swee...](https://carnegieindia.org/2020/03/09/what-is-in-india-s-sweeping-
personal-data-protection-bill-pub-80985)

~~~
tharne
Nailed this. This is about controlling the 99% of folks who aren't going to
take the extra step of using a decentralized service. Think about how hard it
is to get friends and family members on board with something super easy to use
like Signal. Open source decentralized services are DOA for the overwhelming
majority of people.

------
jeffparsons
Computer criminals (especially the commercial variety) and foreign
intelligence agents must be drooling right about now. If something like this
becomes law, it's only a matter of time until a mass-breach gives, e.g., China
or Russia the dirty laundry of thousands of politicians and business leaders
in one fell swoop. I don't think I need to spell out what that would mean for
what's left of democracy in the USA.

I'm curious to know if anyone has any insight from the inside: do the
particular congresscritters drafting these bills genuinely not understand the
damage that would be done if this sort of drivel passed into law, or do they
just not care?

~~~
naringas
but why do you think that 3 letters such as the FBI, DEA, or the NSA or CIA
will stop using strong encryption?

do you really think that the DHS will just break its own encryption because of
some laws?

~~~
big_youth
The thing is all those three letter agency’s make heavy use of civilian
contractors and commercial products.

There is no doubt they are using some bigco vpn or other software that
can/will eventually be compromised.

~~~
jsjohnst
> The thing is all those three letter agency’s make heavy use of civilian
> contractors and commercial products.

Using Ed Snowden’s autobiography as a point of reference, I’d say the IS
agencies have probably 25% of the staff or higher as contractors, so
definitely heavy use.

------
zelphirkalt
> Incentivizes technical innovation

What a load of bs.

Because those tech-freaks always find a way right? Innovation will simply
appear without any doing on our part. We can just create non-sense bills and
laws and they will make it work. They will magically find a way.

These imbeciles do not even understand the simplest things about encryption,
but want to make laws for it. Ridiculous. I would laugh right now, if it was
not such a serious issue.

Well, I am not in the US, but it will affect people world wide, who use
services hosted in the US and next things happening EU comes around the corner
with an equally stupid idea and it will hit me directly. Time for EFF again to
save this world from idiotic leadership. You have my support.

~~~
mratsim
This would be in breach of various privacy laws in the EU.

Companies have been sued for using weak encryption (cough plaintext
passwords).

~~~
zelphirkalt
Of course, yes, but does it stop any of these politicians to come up with
stupid ideas? I don't think so. Do we need more tests of what is OK in front
of the European courts? 'cause once these politicians are sufficiently
"incentivized" they wont stop pushing "their" ideas.

------
sailfast
Crypto is classified as an armament for export control. I’m keeping mine under
the second amendment, since the folks who wrote this bill seem to care about
that one.

As an aside: does that mean US DoD will get a back door as well? As a secure
provider with over 1M users that required encryption at rest and in transit I
think they should be the first to give up the keys to law enforcement.

~~~
LanceH
Congress should be the first to lose the things they vote to restrict. They
should lose it for at least a year before a bill is allowed to pass by simple
majority.

~~~
sailfast
Yeah the TL;DR: on this is “Bill Barr (or any AG) could read all of your
emails without a warrant if you vote for this.”

I know they would legally require a warrant to read them, maybe, but he’d have
the access without it. Not a fun thought to go back to Hoover-style DoJ
practices.

~~~
WrtCdEvrydy
> “Bill Barr (or a Democrat AG) could read all of your emails without a
> warrant if you vote for this.

That would fix it.

------
tomcooks
Please stop voting dumbasses in the US, it affects everyone living in
countries who have commercial agreements with then

~~~
CivBase
This might be an unpopular opinion, but I don't think we should encourage
people to vote as much as we do. Voting is an opportunity to make your voice
heard. If you have nothing to say about the issues facing a particular office,
don't vote.

I do not vote for candidates who I am not informed about, but many people do.
Those uninformed votes just drown out the voice of the informed voters and
reinforce the party-line tribalism that seems to be slowly taking over the
nation. In an ideal world, I would be informed about the issues surrounding
all of the offices for whom I'm asked to vote. Unfortunately, I simply do not
have time to concern myself with more than a handful of offices.

~~~
JumpCrisscross
> _Those uninformed votes just drown out the voice of the informed voters_

I've always been a fan of general election ballots showing names, in a
randomized order, with no reference to party.

~~~
ipnon
Taiwan lists the candidates in a random order but includes their picture and
their number in that order on the ballot. The candidates know their number
from the beginning of their campaigns and wear the number on their clothing.

------
happythomist
Contrary to what some people are implying, support for mandatory decryption is
not evidence of technological illiteracy.

From the perspective of these lawmakers, encrypted storage is like a safe. You
have the right to store records in a safe to keep them away from prying eyes,
but law enforcement has the right to order you to unlock that safe if they
have a warrant. You have the same right to store those same records on an
encrypted device, but law enforcement has the same right to order you to
decrypt that device if they have a warrant.

Since people will sometimes refuse to decrypt a device, even when ordered to
do so by a court, these lawmakers want to require OEMs and service providers
to maintain control of the keys when they encrypt information on a user's
behalf so as to increase the chances that lawful decryption can take place.

Is this a bad policy? Quite possibly. It has certain risks and makes certain
tradeoffs, like any other policy. But it is arrogant to assume that anyone who
supports it must be ignorant of how encryption works.

~~~
kinghajj
With the safe analogy, I swear there's precedent that, if the security is a
_physical key_ , then a court can compel the owner to produce it. But if the
safe uses a _combination_ , the court cannot compel its divulgence, since that
would violate the fifth amendment protections against being forced to testify
against oneself. Encryption "keys", and the passwords from which they are
commonly derived, are much more akin to combinations than to physical keys.

~~~
happythomist
I think there might be a circuit split on this issue, but IMO merely divulging
a combination or encryption key is not "testimonial" (and therefore not a 5th
Amendment violation) except insofar as it admits knowledge of the combination
or key itself. But if police can establish separately that you know it, then
the "foregone conclusion" exception applies.

If you can point to specific precedent that would be helpful.

~~~
happythomist
Did some more research on this; see this comment:
[https://news.ycombinator.com/item?id=23647018](https://news.ycombinator.com/item?id=23647018)

------
alkonaut
> (R-SC)...(R-AR)...(R-TN)

It's funny how you can read just that and know that the bill is going to be
absurdly bad. Not even just bad in the philosophical/political sense but
actually just _bad_ as in not understanding the problem space, or not even
formulated clearly or coherently.

~~~
cabaalis
Are you saying that Rs or people from southern states are incapable of
critical and analytical thinking?

~~~
cure
Perhaps just that that combination does not have the best track record in that
regard. Their war on science, etc.

------
sitkack
Do we need an amendment to the constitution? We can't keep fighting these
fights. Eventually they will win.

~~~
SamuelAdams
Yes, I'm surprised there is no "right to privacy" spelled out in clear terms.
Sounds like that would be a wonderful thing to add directly to the
Constitution.

~~~
ipnon
The 4th amendment is supposed to guarantee this right. The Senators are old
men who don't understand technology, so they believe that the protections that
applied to letters at the time of the constitution don't apply to the medium
that has replaced letters, namely email and messaging.

~~~
54thr
Please... These people know exactly what they are doing. The internet is a lot
of things, and one of those things is a tool for mass surveillance. It's
always, always been about power and money.

~~~
ipnon
You are right, they have no excuse.

------
incompatible
Would this be for "online services" only, or would operating system vendors
have to decrypt users' encrypted file systems on demand?

Answer: according to the article "any device that has more than a gigabyte of
storage and sells more than a million units a year could have to build a
government-required backdoor if it is subject to five warrants or other
requests, as would any operating system or communication system with more than
a million active users."

~~~
a012
I briefly read the doc and it requires assistance to decrypt local device
storage and remote storage. So it's a full spectrum demand for decrypting
data.

~~~
incompatible
Going after systems that have over a million users would leave a pretty big
loophole for niche vendors and open source. But with such a big precedent,
those could easily be targeted later.

~~~
bilegeek
For those, like you and me, who have been touting open-source as a beacon of
hope: I'm sorry, we're done for.

First, anything that has more than a gig of memory and sells over a million
units must be engineered according to the government's whims. That is pretty
much ANYTHING useful nowadays. Hardware will now spy on you. And even though
there is old hardware, and theoretically zero-trust programming techniques out
there, that won't matter because:

They will go after open-source projects.

Any single method alone wouldn't work, but if pushed all at once, they could
smother us. File lawsuits against and harass not just maintainers, but
contributors and possibly even users; force registrars to de-register domains,
and search engines to forget links; have ISP's stop allowing Tor connections,
or possibly even implement whitelists of all websites instead of blacklists of
"bad" ones.

Without secure computers, in today's world, there is no organized protest;
there is no organized opposition; there is no truly effectual dissent, because
the other side can see all and end it before it becomes an issue. And even
then... _gestures wildly_.

Constitutionality means jack without both belief and enforcement. We have
neither; a public split and jaded, and a government empowered in the worst
possible way. And even if this doesn't pass - and that is a horrifyingly small
if - the very fact that this is even being proposed is evidence that the
battle is close to being lost completely. There is no second chance in this
chase, and we are going to trip and fall eventually.

Though hope may be lost for us, may we retain hope that our descendants are at
least somewhat at peace with the world we have given them.

~~~
mratsim
What if you put a text in your project:

All lawsuits are in the jurisdiction of X Tribunal, situated in Switzerland or
another privacy-friendly country?

~~~
tonyarkles
I’m drawing a blank on the name of the show... there’s a series on either
Netflix or Prime Video where a retired high ranking FBI officer walks the
viewers through a bunch of crazy cases. The majority of them are foreign
intelligence related. I think it’s meant as some kind of pro-FBI pro-American
low key propaganda.

Anyway, as a Canadian, one of my key takeaways from watching it is that it
doesn’t matter what country you’re in, nor your nationality, nor the nation
where you’re committing crimes; if the FBI or similar large agency decides to
target you, you’re going to at a minimum have a really bad time, and very
potentially end up getting a free trip to the US to spend time in jail, even
if you’ve never stepped foot in the country before.

The show has this “look at how far we’re willing to go to keep America safe!”
vibe to it, but as an outsider I found it pretty horrifying.

Edit:
[https://en.wikipedia.org/wiki/Declassified_(TV_series)](https://en.wikipedia.org/wiki/Declassified_\(TV_series\))

------
RcouF1uZ4gsC
This bill will be sold to the right as helping fight against foreign
terrorists living in the US. It will be sold to the left as helping against
the alt-right organizing and spreading hate. And it will be sold to everyone
as helping stop child exploitation.

In addition, there is already a lot going on in the country to keep the
average person from focusing on this issue. It seems like allowing the
government to spy on everyone is a pretty bipartisan agenda.

~~~
gentleman11
The further we get from wwii, and the Cold War to some extent, the harder it
is to remind the public how scary it is to live without freedoms. How do we
remind them? Could China and Russia act as cautionary tales that voters would
respond to?

Putin jailing and murdering his political opposition, Chinese concentration
camps for muslims - why do so many people assume it can’t happen here? Nazi
germany wasnt some backwater nation, it was a strong, extremely cultured,
advanced nation that was going through some very hard times. Germans didn’t
like what happened - there were countless assassination attempts against
hitler, but it was just eventually too late

~~~
anon9001
> why do so many people assume it can’t happen here?

Is that actually the assumption? I'm pretty sure everyone already assumes that
the government already has all of your messages, browsing history,
transactions, etc, and they can come for you if they want.

Between the massive surveillance state that already exists and the judicial
miracle of "parallel construction", it's _already_ very much a problem. The
only thing left to do is scale up.

~~~
AnthonyMouse
There is something worse than gulags.

Telescreens, watched by "AI".

They can arrest you on trumped up charges, but it's not really feasible to do
that to everybody, and extreme heavy-handedness promotes resistance.

Once they reach inside your device, they don't have to murder or imprison you,
they can just give you a little slap whenever you try to stray from the garden
path. Let you know that they're watching so they don't even have to censor
you, and can claim that they don't, because you censor yourself.

Crimethink. Doubleplus ungood.

~~~
FerretFred
_They can arrest you on trumped up charges, but it 's not really feasible to
do that to everybody_

No, but I would imagine there would soon be some way of removing your liberty
and keep you under house arrest for a set period. Imagine if they made sure
your banking and cards were frozen for the period to stop you going
anywhere...

~~~
gentleman11
Or a social credit system that prevented you from using public transit

------
noodlesUK
What’s the situation when two (ostensibly friendly) superpowers, the US and
EU, have totally mutually incompatible laws regarding something totally
transnational? I’m not asking rhetorically, I’m asking legally, what is a
company to do if they want to do business in both locations?

~~~
kd5bjo
Depending on the nature of the conflict, it might not be possible at all.
Countries generally reserve the right to control both what crosses and happens
within their borders- that’s more or less the definiton of sovereignty. If two
countries have mutually-exclusive regulations regarding some goods, there
isn’t a legal trade in those goods between them.

~~~
mratsim
I guess it's time for github.eu

------
austincheney
The solution to policies like this is serverless or point-to-point systems. As
an application publisher you cannot be held liable or obligated towards that
which you do not possess and are, by design, not capable of possessing. As an
example consider copyright law and BitTorrent. BitTorrent provides a software
application and protocol but not servers or services, so the BitTorrent
software is never liable for the copyright violations of content that makes
use of its protocol.

~~~
kelnos
The solution is to vote out idiots who support things like this, and get the
government actually working for its citizens again, not against it. That's
hard, and feels damn near impossible sometimes, but it's required. You can't
fix social problems with clever technological workarounds.

~~~
mratsim
But clever technological workarounds might expose those idiots for what they
are:

Clowns trying to "regulate" things they don't understand without seeking
expert advices beyond their narrow lobbyists.

~~~
marcosdumay
The most "exposing" you will be able to do is to get them pushing insane laws
that criminalize coherent action.

AFAIK, that's done already. You won't move further by technical decisions.

------
cabaalis
I'm from TN. It's no surprise to me that they also target DNS over HTTPS.
Marsha Blackburn has long been in the pocket of large internet providers. She
successfully stopped a large city here in TN from expanding their own
successful municipal broadband.

------
xedrac
As someone who typically votes conservative, this is the kind of ignorance
that makes me seriously reconsider my stances. This would be throwing the baby
out with the bathwater, and go a long way toward emulating China. No thank
you! Time to double down on encryption efforts and Tor usage.

~~~
hedora
I hate to break it to you, but if this bill bothers you, then you’re best bet
is to vote for the progressives. Welcome to the left wing, comrade. :-)

Over the years, I’ve watched most of my conservative friends defect to the
democrats as the Republican party morphed from “small (but efficient)
government” to starting the War on Science and War on the Climate, not to
mention all the useless wars against the Middle East, etc.

At the same time, the Democratic party also veered to the right, and I’ve
watched my liberal friends (and now, some of those conservative defectors)
move to the progressive part of the democratic party.

It’s not that people’s opinions have changed, it’s that the parties have sold
out their core values to appease big donors.

Prior generations in the US became more conservative as they aged. I don’t see
that happening with my generation. Between that and demographic shifts, the
Republican party is representing a rapidly shrinking minority of the
population. I just wish the senate wasn’t so skewed toward conservative states
and against city dwellers. 42 votes are controlled by a group of people the
size of California.

Worse, the senate gets to appoint federal judges, so a minority of the US is
electing the people that have exclusive control over court appointments (they
simply refuse to appoint judges when there is a Democrat in the white house)
and they’ve packed them with radicals.

~~~
agensaequivocum
> I hate to break it to you, but if this bill bothers you, then you’re best
> bet is to vote for the progressives.

Haha no. They both suck. It's only politically convient

> the Democratic party also veered to the right

I think you mean the left have veered radically more to the left.

> I just wish the senate wasn’t so skewed toward conservative states and
> against city dwellers.

As designed. Really we should go to the way it was supposed to be with the
state legislatures choosing senators.

> hey simply refuse to appoint judges when there is a Democrat in the white
> house

The democrats will do exactly the same in the reverse situation.

------
Hnrobert42
Perhaps conservatives will find compelling a comparison to the second
amendment. When crypto was outlawed, only outlaws will have crypto.

The letter I sent to my senators is as follows:

I care deeply about the safety and security of my fellow Americans. I
understand the challenges that strong encryption poses for law enforcement. I
don’t want the terrorists and pederasts to win.

Yet, I strongly oppose Senate bill 4051, LAEDA. Consider giving a copy of your
house keys the police just in case they need to come in without you knowing.
Boy, I hope no one ever decides to steal all those keys at once. I hope no one
guarding the keys ever develops an opioid addiction and decides to sell just a
few keys. I hope China and Russia don’t get curious about what you are
discussing with your colleagues and decide it would just be easiest to raid
the key pantry.

Meanwhile, the real bad guys will just continue using existing, strong crypto.
When crypto is outlawed, only outlaws will have crypto. As a strong supporter
of the 2nd Amendment, you understand that it is every person’s right to defend
themselves against the evil forces in the world as well as protect against a
potentially tyrannical government. Just because some criminals use guns for
evil doesn’t mean we should curtail the rights of the majority who uses them
for lawful defense.

Please don’t be fooled that LAED or EARNIT leave strong crypto intact until a
warrant is issued. No. These acts force everyone, law abiding or not, to
install a trigger lock the government can switch on remotely. Do we really
trust the next administration not abuse that right? Do we really trust big
business that much?

Personally, I prefer to stand my ground. I have done nothing wrong. I will not
hand over my rights to defend myself.

~~~
mratsim
Given how controversial gun ownership is, I wouldn't use that as an example,
it might undermine the case.

~~~
sitkack
Depends on who the recipient is.

------
ashton314
Is there a way to see exactly which senators vote for a bill? I’m writing my
senators now about how bad this bill would be, and I want to see if they
follow through.

~~~
cheschire
Yes!
[https://www.senate.gov/legislative/HowTo/how_to_votes.htm](https://www.senate.gov/legislative/HowTo/how_to_votes.htm)

There's also third party sites, such as this one which offers email services.
[https://www.govtrack.us/congress/votes](https://www.govtrack.us/congress/votes)

~~~
gpanders
govtrack.us offers RSS feeds for every legislator as well, so if you have an
RSS reader already set up you can just add the feeds for your representatives
(you don't even need to create an account on govtrack!)

------
Fradow
Being in the EU, I really wonder how this is going to play out if this bill
comes to pass.

It's pretty clear this bill is incompatible with the GDPR, which specifically
mandates using state of the art encryption when appropriate (and a backdoored
encryption is certainly NOT state of the art).

The 2 laws would be fundamentally incompatible, which means we would probably
see different services based on geolocation from the big companies (GDPR
applies to EU residents, not citizens, so there is no overlap), but this means
small players will have to choose between EU and US or take a legal risk.

From a risk perspective, the US have an exception for under 1 million users,
while the EU has nothing of the sort. Which means it would, in theory, be less
risky to start in the EU, expand in the US, and when you reach the 1 million
users bar, separate EU from US operations (which has obviously a lot of
issues, how do you handle a user moving from one place to the other, or users
interacting accross boundaries?).

Let's hope this won't be the trigger to have several continental/national
"internet" instances, but this is definitely going to contribute to a split.

~~~
wizzwizz4
We're going to have the "international edition", with 256-bit encryption, and
the "US edition" with 40-bit encryption.
[https://en.wikipedia.org/wiki/40-bit_encryption](https://en.wikipedia.org/wiki/40-bit_encryption)

------
fulafel
What are the effects of this, if passed, on the rest of the world using Office
365, Facebook or AWS? It might be impossible to reconcile with some regulation
in eg the EU.

~~~
Cthulhu_
I hope (fingers crossed) that the encryption laws will simply not apply to the
EU. I mean most US companies operate via an intermediate company hosted in
e.g. Ireland or the Netherlands already, so I reckon legally they can
disregard these bills.

Of course, if the US government starts to offer money for data, they may budge
anyways. I'm fairly sure MOST data can freely be shared with the US, it's just
government data and higher level company data that isn't allowed to cross the
borders.

~~~
hedora
[https://www.linklaters.com/en/insights/blogs/digilinks/2019/...](https://www.linklaters.com/en/insights/blogs/digilinks/2019/september/us-
cloud-act-and-gdpr-is-the-cloud-still-safe)

Tl;dr: For most data, the cloud vendor is basically forced to violate either
the cloud act or the gpdr. The gpdr has a bunch of fuzzy carve outs for
requests involving people in danger or the “public interest”. My guess is that
those will be expanded over time to force the data to be handed over,
regardless.

If the data isn’t “personal information” (financial records aren’t, for
example), GPDR doesn’t apply and the warrant must be served.

I think this means that, because they could hypothetically receive a warrant
they have to serve, the Ireland/EU intermediary (or the US company that
provides them with the software/hardware) will have to backdoor the
encryption.

I am not a lawyer, and I haven’t even read any of these bills. I’m just
piecing together summaries. I don’t think anyone really knows how the three
bills will interact in practice.

------
schaefer
I've read the bill of rights.

i have a right to be secure in my papers and affects.

okay, this bill emphasizes that police need a warrant, but glosses over the
bit about actual _security_.

administrative controls aren't security. That's why we haven't outlawed locks
on the front door...

~~~
el_don_almighty
lockpickinglawyer on youtube should quickly dispel any sense of security you
have with the lock on your house. It is literally ZERO

~~~
bbarnett
Entering an unlocked house, in many common law jurisdictions, is tresspass at
best.

Picking a lock falls into break and enter, regardless of the name of the
charge.

Windows, and even walls offer little security in modern houses too! I can
literally punch my way through vinyl siding, with chipboard under that,
through to drywall.

~~~
dragonwriter
> Entering an unlocked house, in many common law jurisdictions, is tresspass
> at best.

False, opening or door window is sufficient for the breaking part of burglary
at common law, locks.are irrelevant. If locks are relevant, it's not because
of common law.

~~~
bbarnett
There's no universal 'common law'. Each jurisdiction has its own, diverged
"branch" of common-law, each with its own peculiarities.

Primarily, based upon its history.

And as the legislative branch passes laws, they effect the power of, modify
the scope of, or render inert many such judicial decisions.

This is why I said "many common law jurisdictions', not just 'common law'.

One vital part of common law, is intent.

A door with a lock on it? And you pick it / disable it? It is going to be
exceptionally difficult to prove benign intent here.

An unlocked door? Well...

Are your friends 'breaking and entering' by opening the door and walking in?
Again, intent here...

Did you knock, and "thought you heard something"? Again, intent.

There have been many court cases, but as an example, for a while, in Ontario,
Canada, it was common for police to knock at the door, and simply enter saying
"Oh, I knocked.. but no one heard me."

I kid you not.

But let's take a step back here, and give you an example as to why this
becomes more difficult with an unlocked door.

Part of the issue here is, many houses have a covered, 'cold room' prior to
the house proper. Yet, this is _still part of the house_. It has a roof and
walls, a door. It is simply part of the house.

In many colder climates, you enter this area. This is fully expected. You're
now sheltered, but it isn't heated. When the owner opens the "door proper",
blowing snow and wind won't enter their house. Ergo, to knock, you must
approach the "real door" of the house, inside this room, and knock.

It is also not immediately clear if the "very outside door" you are accessing,
is a cold room, or the actual door of the house. How do you discover one way
or the other? Why you open the door, and enter!

Intent is primary here. Entry into an unlocked house does not prove intent, as
there is no 'forced entry'.

One thing ; in Canada, the police lay charges. A person need not even make a
complaint, for the police to act. Nor does a person insisting that the police
not charge someone, indicate this will happen! An example here ; the police
discover assault of some form. They only need evidence, not willingness to
'charge'.

Now take this legal position, and assign it to people entering houses. Your
friend enters your house, as he always does, without even knocking.

According to you, that's 'break and enter', yes? What differentiates here?

Why, intent of course!

Intent is primary, and a locked door creates a very strong validation of
intent. An unlocked? Zero validation.

------
zulgan
reading those bills makes me feel quite hopeless, considering Gell-Mann
Amnesia[1]:

    
    
      Briefly stated, the Gell-Mann Amnesia effect is as follows. You open
      the newspaper to an article on some subject you know well. In Murray’s
      case, physics. In mine, show business. You read the article and see
      the journalist has absolutely no understanding of either the facts or
      the issues. Often, the article is so wrong it actually presents the
      story backward—reversing cause and effect. I call these the “wet
      streets cause rain” stories. Paper’s full of them.
    
      In any case, you read with exasperation or amusement the multiple
      errors in a story, and then turn the page to national or international
      affairs, and read as if the rest of the newspaper was somehow more
      accurate about Palestine than the baloney you just read. You turn the
      page, and forget what you know.
    

It is horrible to think the same thing probably exists in politics, and I cant
even imagine what goes through in fields I don't understand.

[1][https://www.epsilontheory.com/gell-mann-
amnesia/](https://www.epsilontheory.com/gell-mann-amnesia/)

~~~
second--shift
Have an upvote for an ET allusion.

The blog has some interesting philosophy about collective "philosophical"
inertia - everything is meta-stable, until it isn't. I can't help but think
and feel that we are at or nearing a maxima change - we are pushing over the
edge of our current local maxima, and many things about modern society will
change all at once.

------
BiggsHoson
After this passes, imagine a perfect storm scenario where a widespread crisis
--real, manufactured, or blown out of proportion and deemed an imminent threat
by the powers that be--affords governments the cover to force everyone to stay
at home and completely rely on the Internet in efforts to maintain some kind
of sanity during "these challenging times".

Oh, wait...

From there, it is not hard to imagine that compliance with such government
lockdowns could be deemed critical for "national security". Suddenly,
decryption surveillance on large numbers of the population is done in response
to a situation seemingly not even imagined (as far as we can tell) in the
creation of this bill. They will not have to publicly ask for people to snitch
on their neighbors--they will already know.

"But," some will say, "it is to keep us all safe." Replace a health crisis in
the above scenario with...I don't know...maybe your desire to join a local
protest over something.

When the LAED Act passes (I am pessimistically sure that "if" does not apply
here) poetic justice would be for those "Republican" senators to be the first
targets of state-sponsored hackers decimating the personal fortunes they have
coincidentally amassed while holding office. To be honest, I am surprised that
there is not a provision in the bill to somehow exempt Congress, just like
there is with most other garbage legislation they say is best for us.

------
tomklein
Democratic nations are drifting more and more away from the wills of their
people. How can this be changed?

~~~
jbotz
Perhaps more accurate: some nations are drifting away from democracy. In
particular the US can't really be considered a full democracy anymore, and the
Economist Intelligence Unit (EIU) which publishes a "democracy index" every
year, has recently downgraded the US to "flawed democracy".

I think that this could happen in the US shows that democracy as currently
implemented in most countries still has significant design flaws. We need a
democracy 2.0 that's more stable, less easily corrupted, and helps educate the
people so that their "will" is more rational. Personally I still believe that
democracy is the only civilized option, or rather some manifestation of the
principles of the "Open Society" as described by Karl Popper is the only
option. But an Open Society is an iterative process which needs continuous
improvement by definition.

~~~
hedora
No democracy has lasted more than a few hundred years. I think the
constitution needed an expiration date. California’s proposition system is
slightly better, but not great.

We probably need about a half dozen amendments at this point. Here are a few:

\- “Right to privacy”, including against privatized surveillance.

\- “Right to civil protection” (end qualified immunity and binding arbitration
/ class action waivers)

\- Ban slavery, and ban profiting off slavery (no, we don’t have a blanket
ban, and yes, forced labor is a huge industry in the US)

\- Move closer to proportional democracy. All votes should count equally,
regardless of where you live. Currently a Californian vote in a federal senate
election is worth < 1/20 of a vote from a small state. Similarly, if you are
not in a swing state, your vote for the president basically doesn’t matter at
all.

\- Some sort of police reform. Maybe spell out “equal protection” a bit more
clearly.

\- Campaign finance (and revolving door bribery) reform

~~~
viridian
I don't think even your basic desires are possible, because no way in hell
you'd get the majority of states to buy in to point four, which might as well
read: "Establish a Californian political hegemony and erode away a significant
portion of innate state strength for 38/50 states". Couple this with the fact
that you'd need to spell out more well defined, explicit version of the first
and second (which you cannot do meaningfully and get a large majority of
support) , and the idea is DoA.

------
pico303
Has anyone tried asking politicians who are all for this kind of legislation
if they've thought about how it might affect them? I'm assuming they're not
using government networks for private communications with friends, family,
donors, mistresses, etc. Someone might suggest to them that once a bill like
this passes, those silly "LEO-only" limitations will be hacked pretty quickly
and the entire world will be reading their messages too.

------
stx
The thing I always wonder about something like the government having the power
to force people to decrypt data is what happens if the person claims they
forgot their key. I could very much see this happening to me if I was arrested
and my computers taken away only to months later be asked to unlock them.

Also what happens if the person used Rubber Hose cryptography. They could give
up a key and the government gets some data but it would be impossible to know
if they gave up all the keys. [https://en.wikipedia.org/wiki/Rubber-
hose_cryptanalysis](https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis)

------
83uy2982983r80
They are pushing the overton window of public opinion by introducing extreme
legislation which is so obviously bad it is certainly rejected. Then they
incrementally introduce "a fair compromise" and in either case: YOU LOSE!

------
L_226
This seems quite similar to the Australian Assistance and Access Bill [0],
which also compels companies to implement new solutions that enable decryption
services. This bill also makes it illegal for a compelled person to
communicate this order, even to their own company.

Seems like the old trope of Australia being the squishy testbed for shitty US
laws is true after all.

[0] - [https://www.homeaffairs.gov.au/help-and-support/how-to-
engag...](https://www.homeaffairs.gov.au/help-and-support/how-to-engage-
us/consultations/the-assistance-and-access-bill-2018)

------
jimmar
Have any smart people in tech come up with a solution that would satisfy the
4th amendment while preserving secure communications? It seems that to
lawmakers, tech people are proclaiming that they've done such a good job
building secure systems that the 4th amendment cannot apply to them.

Personally, I'd rather let some criminals go free than to break encryption. I
don't see lawmakers being willing to make the same trade-off.

~~~
dragonwriter
> Have any smart people in tech come up with a solution that would satisfy the
> 4th amendment while preserving secure communications?

Sure. The 4th Amendment has nothing against anything that preserves secure
communications.

> It seems that to lawmakers, tech people are proclaiming that they've done
> such a good job building secure systems that the 4th amendment cannot apply
> to them.

No, they are proclaiming that getting dangerous people is so important that
the privacy rights like those in the Fourth Amendment shouldn't apply, which
tendency is exactly why we have the Fourth Amendment.

------
fosco
What can we do about this? if it is not this one there will be another one
after it. I feel like the longer we wait the more likely this will get passed.

~~~
hedora
A constitutional “right to privacy” amendment would help, but it would need to
be carefully worded to avoid the loopholes that have been established around
unreasonable search and seizure.

Short of that, donate to progressive candidates, and tell them that this is
your hot-button issue.

------
stjohnswarts
This is why I donate a hundred dollars each to the ACLU and EFF every year
around Christmas time. It's not much but if everyone did it they'd be able to
find this stuff a lot better. Once our rights to liberty and privacy are taken
by the government it's 10X as hard to get them back.

------
srmatto
Until we get encryption as a constitutional amendment we can probably expect
to fight these types of laws perennially.

------
303brad
I really enjoyed reading this: [https://theneutral.com/2020/06/25/republican-
senators-propos...](https://theneutral.com/2020/06/25/republican-senators-
propose-lawful-access-to-encrypted-data-act/)

------
frankzen
When Phil Zimmerman created PGP one of his stated use cases was protection of
speech in totalitarian regimes. Well... looks like we're approaching that use
case. Encryption is permissionless by design.

~~~
frankzen
Also, I think begging politicians to see it any other way is a waste of time.
Widespread disobedience and resistance is the only way to knock it down. Make
it cost a lot to enforce.

------
throw1234651234
How do we practically and legally fight this without becoming an activist?
This is one of the few issues I actually care about.

This doesn't seem to be a topic on presidential candidate radars.

------
dhx
Encryption is only one overrepresented technological technique to achieve
communication security.

al-Qaeda reportedly favoured communicating in the clear with obfuscated
messages, attempting to make their communications become a needle in a
haystack of mundaneness that no one would raise an eyebrow to[1].

In World War 2, the United States hired native American speakers to
communicate in the clear, knowing that the Nazis would have no comprehension
of the languages spoken[2]. Use of obscure languages, local dialects and local
euphemisms has been widely used by drug cartels[3], parties to violent
conflicts, etc.

Criminals have been known to join and communicate via obscure online
multiplayer games under the assumption that no one has gone to the effort of
reverse engineering a proprietary game protocol and the developer hasn't gone
to the effort of implementing recording of or monitoring of in-game activities
that could be used for communication, including painting words on a surface
in-game, naming objects in-game, etc. Online multiplayer games also provide a
plausible reason (cover story) for two people to communicate with each other
and yet claim they don't know each other in real life--a feature most
encrypted messaging protocols can't guarantee.

Encryption backdoors are unlikely to be a concern to adversaries we should be
most worried about. History shows they have tended to assume that backdoors
exist and that use of encryption tends to draw unwanted attention.

[1]
[https://en.wikipedia.org/wiki/Obfuscation#Secure_communicati...](https://en.wikipedia.org/wiki/Obfuscation#Secure_communication)

[2]
[https://en.wikipedia.org/wiki/Code_talker](https://en.wikipedia.org/wiki/Code_talker)

[3] [https://publicintelligence.net/dea-drug-slang-code-
words-201...](https://publicintelligence.net/dea-drug-slang-code-words-2018/)

~~~
moloch
None of your cited examples are "secure," they're the very definition of
"security by obscurity," which is to say insecure.

[https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle](https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle)

------
MrWiffles
We should be prosecuting senators who bring such blatant violations of the
Bill of Rights forward in the first place.

------
bitxbitxbitcoin
I'm glad this post hasn't been removed because it's about a proposed bill as
opposed to a new law :).

------
cannedslime
How are you even going to enforce anti-encryption legislation? Deep packet
inspection?

------
frpzzd
Would this have any ramifications on something like the Tor project?

------
Keverw
This bill seems like something out of 1984... I kinda wonder if any big tech
companies will fight back like Apple since they push backed on issues
before... Other tech companies maybe too, but I think some tech companies are
fine with this stuff even if it creates extra burdens because its for example
easier for some of these huge companies on the stock market to go over
everything than some smaller tech startups.

Also really makes me less of a fan of the two party system... but then again
some people don't want to due to busy or just boring to look over every
candidates... Like maybe you are a Republican in Tennessee and then for all
the other candidates you check Blackburn since she's part of your party...
Seems like the actual president actions get more attention, more people have
opinions on Obama or Trump than their own representatives or governor.

I think it'd be interesting if people could vote on issues more directly, but
wonder if that'd be open up to fraud... Like how some candidates are against
mail-in votes... I'd think crypto and some other things might be stronger than
a signature. Speaking of signatures, I voted in one of the state elections
mail-in and the local county election commission rejected my ballot because of
my signature and got a letter back after it's too late to go to the polls... I
have really bad hand writings and I hate signing for things. It's annoying
lol... Like I used the mobile app for Subway once since they had a deal and
you have to sign the little paper receipt print out, kinda like scribble and
be done with it since not as important as other signatures though. While other
mobile apps, nothing to sign. Plus They don't even teach cursive writing in
schools anymore. So I think crypto and maybe some proof of being a live person
using tech might actually help. Kinda one of my own concerns about some areas
doing mail-in only for COVID... I wonder if you lived in maybe an area that's
mostly democrat and voted republican or vise verses if your signature is more
likely to be rejected. I wonder what the process for that is, do they keep
copies of people signatures when they registered to vote (DMV will register
you too, so maybe from state ID or License) or from their last ballot or when
they requested an absentee ballot maybe more likely?

Then I also feel like some of these candidates and other elected officials
live in their own little bubble, rich, overpaid and out of touch with society.

------
sixtram
how does something like this affect password managers like 1-password?

------
DyslexicAtheist
who would be he people in congress backing this bill? is there a list?

~~~
proverbialbunny
It says at the top of the article

>On Tuesday, June 23, Senators Graham (R-SC), Cotton (R-AR), and Blackburn
(R-TN) introduced a bill that is a full-frontal nuclear assault on encryption
in the United States.

As a general rule of thumb with how US politics have been going, this bill
will probably be split down party line.

~~~
coldcode
Graham has some compromat on him (he used to hate Trump and suddenly became
his biggest supporter over night), Cotton was the guy who wanted all
protesters killed, I have no clue on Blackburn. But this bill has zero chance
of passing; it's merely yet another case of political grandstanding. Lots of
things get introduced that can never pass.

------
0xy
This bill wouldn't receive enough support to pass considering the libertarian
wing of the Republican Party right?

~~~
NalNezumi
Isn't the libertarian wing considerably small part of the Republican party at
the moment? On top of my head I can only recount 3 major figures. The rest are
libertarians until they enter the game(get elected), then switch to being
party acolytes.

~~~
adventured
The Liberty Caucus has eight members in the House. Who knows how these people
will vote though and which ones can be pressured to vote for.

[https://en.wikipedia.org/wiki/Liberty_Caucus](https://en.wikipedia.org/wiki/Liberty_Caucus)

------
choeger
With China on the one end going into full dystopian mode and the US aiming for
a modern police state, I really wonder what the endgame is. Full fascism
again?

~~~
gentleman11
Again? When was the USA or world fully fascist? Whose endgame?

~~~
mcv
Fascism did control quite a number of countries some 80 years ago. I think
it's not unreasonable to say that full fascism was their endgame.

~~~
mjburgess
Fascism was a political situation in 1930s italy. I think the commentor is
objecting to this new, rhetorical use of the term which essentially connects
any "nostalgic, authoriatrian" impulse to a 1930s-style tyranny.

The left's use of "fascism" today is much like the rights use of
"socialism/communism".

~~~
grey-area
Just like the symbol of fasces was only used in ancient Rome and has no other
meaning? Or the swastika, used in India as a symbol meaning wellbeing?

Do you genuinely think symbolism and the meaning of words isn't plastic and
contingent on context?

~~~
mjburgess
I think when people trade on the negative connotations of "fascism" and then
turn around and go "oh i mean this..." they're being duplicitous and alarmist.

The antifa lot essentially define fascism as an eternal set of human
psychological impulses: nostalgia, in-group preference, desire for cultural
homogenity, etc.

These did not lead to Fascism, the "obviously bad thing" which they are being
alarmist about. Fascism was a direct result of, and contingent upon, the mass
death and poverty caused by WWI.

Words do have meaning, and it is precisely the negative connotations of
fascism that are being appealed to in the accusation. Absent these
connotations, almost everyone is fascist some of the time.

~~~
bluescarni
> Fascism was a direct result of, and contingent upon, the mass death and
> poverty caused by WWI.

That is grossly wrong. There was no "mass death and poverty" in Italy during
or after WWI.

~~~
mjburgess
wtf are you talking about?

Half a million Italians died in WW1. And as many again from the spanish flu.
And all of Europe was in a permanent condition of poverty until way into the
20th C. 80% of the population was poor working class even in 1970.

You do not get Russian communism without the prolonged period of slavery
called "serfdom" which persisted into the late 19th C. in russia.

You do not get fascism in italy without WW1.

This isn't controversial in political science.

~~~
bluescarni
The Italian deaths in WW1 were overwhelmingly soldier deaths, as the fighting
on Italian soil was limited to north-east border of the country (where
incidentally I am from). The civilian population was largely unaffected by the
war.

> And as many again from the spanish flu.

Who talked about flu? You were talking about WW1, now you are pivoting to the
flu?

> And all of Europe was in a permanent condition of poverty until way into the
> 20th C. 80% of the population was poor working class even in 1970.

This is also grossly wrong. I suggest you better inform yourself about the
20-th century history of European societies before spouting more nonsense.

~~~
mjburgess
WW1 was a total war. Fascism was a response to total war which conscripted
every civilian into the military. Italy did not have an army of 500,000
soliders before WW1, no country did. The british empire's armed force was
80,000 -- and was one of the largest in the world. Where do you think 500,000
"soliders" came from? They were drafted from the population.

It's literally in the first paragraph in the wikipedia article on fascism...

> Fascists saw World War I as a revolution that brought massive changes to the
> nature of war, society, the state, and technology. The advent of total war
> and the total mass mobilization of society had broken down the distinction
> between civilians and combatants. A "military citizenship" arose in which
> all citizens were involved with the military in some manner during the war.

> I suggest you better inform yourself about the 20-th century history of
> European societies before spouting more nonsense.

I'm British and I know my own history very well. Read any book of the time,
"Road to Wigan Peer" will give you the quality of poverty.. and any graph by
any serious economic study of human history will give you the actual level of
wealth.

[https://en.wikipedia.org/wiki/Economic_history_of_World_War_...](https://en.wikipedia.org/wiki/Economic_history_of_World_War_I)

~~~
bluescarni
> WW1 was a total war. Fascism was a response to total war which conscripted
> every civilian into the military.

WWI was a contributing factor to the rise of fascism, which is a complex
phenomenon whose roots date back at least to the late 1800s with the rise of
nationalism throughout Europe, the unification of Germany, the growing
distrust of liberal democracies at the turn of the century, etc. It was not a
"direct result" of WWI.

> Italy did not have an army of 500,000 soliders before WW1, no country did.
> The british empire's armed force was 80,000 -- and was one of the largest in
> the world. Where do you think 500,000 "soliders" came from? They were
> drafted from the population.

WWI was unparalleled in magnitude with respect to previous wars, but, as far
as Italy is concerned, it did not involve directly the vast majority of the
civilian population (around 34M at the time), which was never in a war zone or
at risk of atrocities from the opposing force. The fighting was confined to
the northeastern Alpine regions of Trentino, Veneto and Friuli. The Austrians
made a small advance into the Italian territory before being decisively
defeated on the Piave river. The industrial and agricultural heartlands of the
country were largely intact at the end of the war, no major urban centres were
captured or destroyed, and important land gains were made in the form of new
territories formerly under Austrian control.

WWI was hell on Earth in the trenches, but no, Italy was not in disarray and
did not experience mass death or poverty as a result of WWI.

(There were of course serious economic issues in the interwar period, but
their genesis is in the great depression, not WWI)

> I'm British and I know my own history very well. Read any book of the time,
> "Road to Wigan Peer" will give you the quality of poverty.

Life has been shit for most people for millenia, in Europe and elsewhere. But
just take a look at any graph of the life expectancy over time in Europe and
you will see that is has been steadily improving throughout the 20th century
(with a couple of big temporary down spikes for the flu and WW2 - not WW1).

------
javajosh
I was under the impression that a certain GOP Presidential candidate served
the same purpose, and that did not turn out well.

~~~
lowdose
Could you tell me more about that?

~~~
SV_BubbleTime
He means Trump.

As seen in the leaked Podesta emails (Hillary’s campaign manager that was
phished and has a password of “Pa$$w0rd” or such), Hillary Co asked their
media contacts to put emphasis on Trump. To give him more coverage than the
others running. They literally called him their “pied piper” candidate. They
were so confident they could beat Trump that they helped prop him up.

How Hillary skated by with many people not knowing or not caring that in more
ways than one she is responsible for the president they hate so much, I have
no idea.

Edit: you know the emails are on Wikileaks HN, the chain starts with “Friday
Strategy”

~~~
banads
Can someone explain why this is being heavily downvoted? Was something they
said false?

~~~
brianlweiner
Probably the ludicrous notion that somehow Hillary Clinton is to blame for
electing Donald Trump rather than the millions of people who voted for him
despite overwhelming evidence of his lack of fitness for the office.

~~~
undersuit
If the accusation is true then she certainly shares some of the blame.

------
api
I wonder how the 4chan crowd feels about helping "meme Trump into office?"

~~~
superkuh
If you think who is currently president matters one bit when it comes to
passing bills increasing federal spying and power then you haven't been paying
attention.

