
Rethinking Encryption - justlikeyou
https://www.lawfareblog.com/rethinking-encryption
======
jeroenhd
This guy is all about how much of a threat the expansion of Chinese hardware
is but doesn't say a word about the same being true for American hardware.
Chinese networking hardware may contain backdoors, American hardware has been
confirmed to contain backdoors over and over again.

Re: the iPhone: when any country has the golden keys, every country has the
golden keys. How hard is it to get that through your head? The moment the US
demands golden keys, China is going to demand their own set of golden keys,
followed by Saudi Arabia and any other foreign adversary. These keys are going
to be used the same way the US is going to use them (spy on allies and
enemies) as well as for seeking out minorities and problematic citizens.

As a foreigner, if something doesn't cross the US Senate of all bodies because
of ethics or surveillance problems, that's really saying something. These are
the people that brought us laws like the PATRIOT Act and the CLOUD Act,
systematically expanding the reach of US law enforcement across borders. The
EU, supposedly an ally, had to negotiate a quick, likely invalid or quickly
overturned bandage treaty to make it legal to even just store personal data on
US company servers. Is this what the US wants to become? A risk to their own
allies?

Forcing weak encryption is not defence, it's offence. It's hard to believe
that people like these aren't jealous of the spying network China has set up.

~~~
jjeaff
Backdoors have been revealed a few times in US products, but US companies have
learned their lesson and appear to be pushing back. 9/11 is almost a decade in
the past and the Snowden revelations embarrassed several companies. Things
like warrant canaries are pretty common and companies like Apple have been
publicly fighting government attempts to access Apple devices in court.

One thing the US has going for it, unlike some countries, is that
companies are more scared of their customers than the government.

~~~
jeroenhd
Every three or four months Cisco or Juniper get caught having introduced a new
backdoor. Hardcoded admin passwords, full system access backdoors following a
specific port knocking sequence, you name it. Sure, some companies have
started pushing back but the companies that produce critical network
infrastructure can't be trusted.

~~~
Hikikomori
Backdoors or just shitty developers and security practices?

What port knocking backdoor?

------
akersten
This is fundamentally a fight about the autonomy of the human mind, and what
the government can command you to do with your own brain.

If you and a cohort were the last survivors of a dying tribe, with your own
special language that no one understood, and you criminally conspired with
them via written word, the government could not compel you to translate your
messages just because they cannot understand them. That's the 5th Amendment in
action, as you'd be creating testimony against yourself. The prosecution will
have to pin you on some other charge, maybe a crime that you actually
physically committed.

It's the same exact thing with encryption. It's a language that the government
cannot understand, and cannot compel you to translate.

Now, to be fair, there is some wishy-washy here because the government desires
not only to have compelled decryption, but to force companies to wiretap their
own users. The latter is not strictly a 5th Amendment violation - but it's the
principle of the matter.

One day we'll have the ability to interface directly with our minds, and we
need to draw the "stay the fuck out" line pretty damned clearly in the sand
before that happens.

~~~
paggle
By "cannot compel you to translate," you mean "must not compel" or "should not
compel," because an entity that controls 11 aircraft carriers _can_ compel you
to translate whatever the hell they want you to.

~~~
GhettoMaestro
What does 11 carrier strike groups have to do with the 5th amendment? The
former is to project power beyond the borders of the United States. The latter
is to protect you from an abusive government domestically.

Also to take it further, technically, the US Constitution does not apply
beyond our borders (like any other US law, absent a bilateral treaty).

I fail to see the connection you are trying to make.

~~~
nullstyle
Not GP, but I think further exploration of the point being made can be found
here: [https://www.xkcd.com/538/](https://www.xkcd.com/538/)

If you prefer to hear similar sentiments from one of the saints of comedy:
[https://youtu.be/gaa9iw85tW8?t=261](https://youtu.be/gaa9iw85tW8?t=261)

------
nullc
I'm confused at the assumption that you can prevent serious organized
criminals from having access to strong cryptography simply by backdooring
common communications apps.

The genie is out of the bottle: Powerful criminal enterprises will have no
difficulty hiring people to build overlay tools that they can run inside their
backdoored comms that will provide adequate (at least, if not effectively
unbreakable) cryptography.

Even if we ignore the considerable first amendment barriers and there were an
effort to outright outlaw strong crypto, steganography has become very strong
and even if not quite sufficient, finding out your comms were being monitored
via a use of crypto charge is way better than having the attacker learn all
your info.

In light of this, I find it difficult to see the government's position as
seeking to widen infrastructure for the wholesale surveillance of the general
public with claims of terrorist groups as a dishonest cover for the demands.

The old adage "If guns are outlawed, then only outlaws will have guns" -- has
serious limits owing to the nature of guns as physical objects. The sentiment
applies a million fold for cryptography, which is fundamentally a collection
of ideas with a zero marginal cost of reproduction or execution, mass-less,
volume-less, capable of being distributed around the world in a fraction of a
second and implausible to silence even with great leap forward mass murder.

Actions to block access to encryption would severely degrade the security and
privacy of the general public, on this point I agree with the author. But
would it prevent pedophiles and terrorists from having access to encryption?
Not likely.

Would pedophiles and terrorists occasionally screw up and use insecure
means... sure, but they already do that today.

~~~
snarf21
I still want an answer from these people. How was crime solved before
end-to-end encrypted mobile apps existed? Maybe it makes it easier but maybe it
doesn't. These devices connect to WiFi and cell networks and have GPS. It
seems like coded messages at pay phones were even more unbreakable.

~~~
Majromax
> How was crime solved before end-to-end encrypted mobile apps existed?

One meaningful investigative tool was (and still is) the wiretap, where access
to the physical channel gives unencrypted access to the contents. Phone
encryption is possible, but was generally used rarely.

It sounds to me as if investigators want to preserve some equivalent of this
tool, although its existence in the first place was more of a technical
limitation than a legal one.

------
argomo
"Going dark" is a good thing... it limits the state's ability to abuse its
enormous power (which is already routinely abused, as any student of FBI
history or current events should know).

However, "going dark" is not what's happening. Only recently has government
had this much power to examine, catalog, and track the masses. Instead of
debating the ethics of encryption (and trying to outlaw math), we should be
debating how best to curtail and audit government powers to prevent their
abuse.

~~~
BLKNSLVR
The problem was the fact that the Internet, in its romantic period, "went
light" first. "Going dark" is just a return to the balance once knowledge
critical mass was reached about the scale of the "went light" event.

------
raxxorrax
I don't think the threats from people "going dark" justify weakening
encryption. The potential for abuse is too real and there are already a lot of
instances when governmental actors have acted in bad faith.

The text I would consider manipulative with its references to a terrorist
bombing. State actors suppressing dissent isn't mentioned at all.

It is not a black and white issue, but in most parts of the world, people
would benefit from strengthening encryption even further. And I don't see that
changing anytime soon.

~~~
PaulAJ
If you read the whole article you will find out that you are in complete
agreement with it.

------
todd3834
I was thinking about this subject today. If the US has laws that prohibit
legitimate encryption and other countries do not... Is it fair to suggest that
we are making ourselves easy targets to foreign nations who wish to practice
privacy violations?

I don’t think about encryption as a method to protect myself from the US
government (only) but from any entity that is local or foreign. I think
everyone should have the right to privacy. To me this is more important than
the right to guns. And no not because I want to have illegal content, I just
want to keep my information secure from people who don’t have a right to my
privacy.

What am I missing? Should we give up our rights because there are people who
break the law? Aren’t they going to continue to break the law anyways?
Including using encryption.

This is like CAPTCHAs. Punishing the majority for the crimes of a very tiny
minority.

Is this really the only way to catch people who do illegal things or is this
just the laziest way to do it?

~~~
scaryclam
Not only that, foreign businesses are less likely to trust anything stored
with or touched by US companies. And that's not even getting into regulated
industries where it might become illegal to do business.

------
deogeo
> But going dark is broader than encryption; it involves the decreasing
> ability of the government to conduct effective lawful surveillance for many
> technical reasons, including but not limited to the widespread adoption of
> encryption technology.

The 'going dark' boogeyman - how predictable. Only in the mind of a spy agency
shill does the rapidly growing number of surveillance cameras, facial
recognition, flying surveillance drones with high-resolution cameras over
cities, and interception of all communication metadata (if not the content),
equate to _decreasing_ ability. They won't be happy until we are stripped of
even the last tiny scrap of privacy.

~~~
solstice
Have you read the whole (admittedly rather long) article? He has a pretty
nuanced view of it imo, especially at the end and explicitly refers to the
"golden age of surveillance"

~~~
deogeo
He says " _some_ argue that society is in a golden age of surveillance"
exactly once, but repeatedly presents 'going dark' as fact. That the rest of
his view is nuanced doesn't make that aspect any less of a _lie_.

------
coldtea
> _But going dark is broader than encryption; it involves the decreasing
> ability of the government to conduct effective lawful surveillance_

That wasn't an ability of government in 1900 or 1800, so why should we worry
that this new-fangled ability has been decreasing lately?

Who said it should be an ability for government, and much more, an eternal
one, and not a temporary accidental capability due to a few technical
developments that allowed it for a short span of time?

~~~
gampleman
While I agree with you, I can also appreciate that intelligence/law
enforcement agencies are not keen to go back to the alternatives. HUMINT is a
nasty (in the moral sense), dangerous, and expensive enterprise. Would you
rather train for a few years, then live a fake life with the constant threat
of gruesome death, lying to everyone you know - possibly even your fake wife
and kids or rather just tap a few phones/emails?

It's no wonder that most agencies have pretty much entirely dropped their
expertise on this as soon as the alternative showed up. I don't think they are
geared up to get back into that game.

~~~
coldtea
> _HUMINT is a nasty (in the moral sense), dangerous, and expensive
> enterprise._

Which they use all the time still, so that's not a real difference. It's not
xor with digital surveillance.

Besides what you describe (double life, death, etc) would be a problem for the
spy, not the general population. I could not care less about the spies.

But I wasn't talking about spying as much, but for government / police / etc
surveillance. Where if they have to deploy humans to spy on some drug dealers
or suspected murderer or whatever, is fine. And the fact that they're humans,
makes it more costly to mass deploy (and thus serves as a natural check and
balance).

------
athrowaway3z
Because this article is an explanation to the anti-encryption crowd the author
takes his time to lay out their arguments as a token of understanding their
position. Still, I want to bitch about some of them.

> In my work at the FBI, I encountered directly how encryption makes it harder
> for law enforcement to detect, prevent and solve certain types of crime in
> specific instances.

Encrypted data is a known unknown. This doesn't work as an argument without
speculating on the scope of unknown unknowns.

> I’m confident that this problem can be addressed from a technical
> perspective. In most cases, it’s just software, and software can be
> rewritten.

That works both ways. (Source code for effective encryption is less text than
this blog piece.)

> the United States has not experienced a terrorist or other attack of
> sufficient magnitude where encryption clearly played a key role in
> preventing law enforcement from thwarting it

And I can't think of any realistic scenario in which it would. The window of
cause-and-effect is extremely small. The attack needs to hinge on the tools
that the US has authority over. i.e. Why would Osama use WhatsApp on an iPhone
in the first place?

> inherently vulnerable network of networks

This is the wrong way around. It's a 'network of inherently vulnerable
networks'. Which is the safest option. (As the author later notes but doesn't
reflect on.)

------
chacham15
Despite the length of this article, I see no plan for the obvious rebuttal of
terrorists: if you make WhatsApp or some other app not end-to-end encrypted,
the terrorists will make their own app. It's not difficult to generate your own
symmetric key and use openssl to encrypt and decrypt information sent with
that key. Sure, you can force Apple to reveal the contents of the hard drive,
but what's the difference if Apple is the one generating the ciphertext or the
terrorists' own app is? The difference is consumer protection has backdoors,
but the terrorist protection does not.

~~~
josephg
Apple could, for example, switch out the version of an app on my phone with a
backdoored version of the same app. The backdoored version could upload a copy
of every message I send to law enforcement. It wouldn’t even be difficult -
just a keylogger would do the trick, or the OS could periodically take
screenshots of the app while it is open and send them somewhere nefarious.
Those latter techniques would also work with web apps. If this sort of thing
was done selectively, I doubt anyone would notice.

If the government passes laws requiring backdoors in WhatsApp, terrorists can
use another app. If the government passes laws requiring Apple and Google to
add backdoors to their phones, it will be almost impossible to avoid
government surveillance. (And if the approach of the Australian government is
anything to go by, we won’t even be able to tell this has happened. Instead
they’ll pass a law demanding backdoors on request, then legally forbid Apple
et al from making any of the details public.)

This is one of the reasons I buy phones from Apple. Unlike Google, Samsung,
Huawei, etc they have at least made their opposition to government meddling
very clear. And as this article points out in detail, they have put their
money where their mouth is. If some of the sales price of my iPhone pays for
Apple lawyers to fight for my digital rights, that is a tax I pay willingly.

~~~
chacham15
I don't quite buy the "switch the app" argument as code signing easily fixes
that. Intercepting at a higher level such as a keylogger or screenshotter
would work, but then you'd apply the same argument: the terrorists would just
go one level higher. In fact they could go all the way to open source
processors running their own code doing all the same things. Yes, it would
delay them a few years to get there, but once there there would be little the
US could do to stop it. At the network level, we simply don't sign hardware, so
without some major refactoring to the core system, there's little to do there.
Still though, at every level of this back and forth, consumers have to give up
more and more privacy to allow the government to step in and get the same
level of information they had before about terrorists until the terrorists
will eventually win (or we completely lose privacy and trillions of dollars in
infrastructure). So why play the game?

~~~
unionpivo
> In fact they could go all the way to open source processors running their
> own code doing all the same things. Yes, it would delay them a few years to
> get there, but once there there would be little the US could do to stop it.

Well, as long as you can't easily build a private fab out there capable of
building such processors, good luck with that. There are not that many fabs
out there. FPGAs aren't any better, since most of them you can't even make
work without large quantities of proprietary blobs.

------
shakna
Whilst I strongly disagree with some of his viewpoints, we do agree on at
least one major point.

> Many would disagree strongly with the attorney general’s assessment that an
> acceptable technical solution to law enforcement’s problem—one that
> appropriately balances all of the equities at issue—actually exists.

> But, for the reasons discussed above, public safety officials should also
> become among the strongest supporters of widely available strong encryption.

Encryption _should_ be continued to be used, and used in a more effective
manner across all communications. The net benefits of encryption outweigh the
risks that these intelligence agencies complain about.

I may think of it as absolutely necessary, and Baker may think of it as a
necessary evil, but if we two from very different worlds can both agree it is
necessary, then it should be fully embraced.

------
pfortuny
Unbelievable: think of the children in a grand and pseudo-legalistic way. And
this guy is serious!

As if secrets were something new.

“Society has failed to protect children”. No, man: they were never as
protected as you purport they were. You are just rewriting history.

------
auslander
> The problem is that there is no law that clearly empowers governmental
> actors to obtain court orders to compel third parties (such as equipment
> manufacturers and service providers) to configure their systems to allow the
> government to obtain the plain text

That kinda sums the article, but US Gov always finds ways to compel anyone to
anything. Raw power. Takeaway is to be your own equipment manufacturer and
service provider, as in cheap mini x86 boxes running open source daemons, over
proxychains and VPNs. Rotate equipment, hacked wifi APs and identities
monthly, use Signal on iOS and hide in the crowd, because if you're on the
watch list, game is over. Cyberpunk at its best.

------
Cyder
The flaw in these overzealous mind-policemen's arguments is that they say
there will be no other way to tell what someone is doing without reading their
texts and phone data live.

A beat cop knows there are many "tells" about what someone is doing.
Similarly, one has to commit several crimes leading up to a terrorist act.
Catching those beforehand crimes is an effective way at stopping the final
act.

And who is going to be investigating all the people with keywords in their
texts? There are not enough cops in the US to do that.

If we use the net, there's a government file with a rating on how dangerous we
are.

My blog on these issues www.cyderinc.net

~~~
IfOnlyYouKnew
The flaw in your argument is that the article actually argues _for_ strong
encryption.

------
ffwd
Interesting speech by William Barr:

[https://www.c-span.org/video/?464971-3/attorney-general-barr...](https://www.c-span.org/video/?464971-3/attorney-general-barr-encryption-technology-law-enforcement)

"Only two ways to protect society ... 1) Ability to detect and apprehend
criminals .. 2) Regiment society as a whole"

"Our ability to protect the public from criminal threats is rapidly
deteriorating"

"Status quo is exceptionally dangerous"

~~~
Nasrudith
Wow the Trump administration really does love saying the quiet part out loud.
Literally saying a free society is dangerous and must be controlled.

~~~
kevingadd
The depressing thing is people with his views have been active in politics for
decades (and not all in the political circles that currently run the
government) - they're just finally getting their time in the sun, gathering
together and doing whatever they want.

Even if some of this gets unraveled and the worst actors get kicked out,
people like him will still be active in local and federal government trying to
roll back civil freedoms. It's rough. Hopefully the events of the past few
years will act as a wake-up call for people who were previously willing to
ignore what was already going on.

------
ProfHewitt
There is an analysis here:

Highly-Secure Backdoors: Internet of Traitorous Things (IoTT)

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3425957

------
hectorr1
Doesn't once mention First Amendment protections. Code is speech, and the
internet is the press. This is an attempt to ban an idea.

~~~
StanislavPetrov
Even worse, encryption is math. Banning encryption means banning math.

------
forthehorde
Interesting read, bookmarking it until my boss stops staring at everyone's
morning monitors. Thanks for sharing!

------
peterwwillis
If we make encryption illegal, only the criminals will have encryption. The
criminals can just use real encryption inside of "backdoored" tech. USG can't
change math.

------
AdieuToLogic
Based on the content and tone of this article, I have to leave this here:

[https://www.xkcd.com/538/](https://www.xkcd.com/538/)

------
Debugreality
tl;dr: First 5 pages to show he understands why law enforcement wants to
weaken security, last 2 disagreeing because cybersecurity and nation state
threats are the bigger risk.

------
enriquto
tl;dr: we should use weak encryption because think of the children

~~~
jstewartmobile
This spook is arguing _for_ strong encryption. I think the length is just
apologia to soften the inevitable shunning by fellow spooks.

------
dev_dull
I’m extremely skeptical about _ANYTHING_ put out by this group, and Jim Baker
in particular.

This guy was general counsel for the FBI at the same time they were abusing
FISA warrants to secretly spy on Trump admins. You think they’ll stop at
Trump? They’re just getting started.

We need to get back to our roots of being extremely careful about our
intelligence agencies.

I know you’ll initially be turned off by the subject of the below article, but
definitely read it. For the sake of our civil liberties, the leash of our
intelligence agencies _must_ be kept short.

[https://www.theepochtimes.com/spygate-the-inside-story-behin...](https://www.theepochtimes.com/spygate-the-inside-story-behind-the-alleged-plot-to-take-down-trump_2833074.html)

~~~
IfOnlyYouKnew
Don't post conspiracy theories.

Also: the article actually comes out _in favour_ of strong encryption. How
does that fit with your worldview?

------
jstewartmobile
This is all theater to give people a warm-fuzzy about the way things are.

Other than cock-blocking ISPs, what's the value in end-to-end encryption when
one of those ends is a megacorporation that is A) super-friendly with the
state security apparatus, and B) ready, willing, and able to sell you out to
the highest bidder? E2E works great against basement-dwelling h4x0rs, not so
much against people with actual power.

I know these companies will swear up and down how secure they are--but
security of what? Who audits them? Last I checked, no one.

~~~
jstewartmobile
To be clear, E2E from your-own-server to your-own-server is wonderful. E2E
from your google/apple/amazon surveillance device to google/apple/amazon
servers is turf guarding.

Say I want to block such-and-such domain. With unencrypted DNS, I put a record
in my own resolver, and problem solved. With per-app DNS over HTTPS, my
infrastructure is out of the loop, and SV has total control.

