The Natural Outcome Of The Encryption Wars In The U.S.

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
This guy has an interesting take on the current encryption war being fought in the U.S. between major phone carriers and the government. What do you think? Is he onto something or just on something?


It’s not just about the government being able to get into a given phone. Or listen to a given phone conversation. It’s about whether U.S. citizens will ultimately be disallowed to make, purchase, sell, or use communication technologies that cannot be made transparent to the U.S. government. I hope the tech companies and the government realize soon that this is the only destination that can be reached by this.
 
trudeak said:
I think what is most scary is that this will lead to the criminalization of privacy. People need to be active and oppose the very idea of backdoors to encryption,
Click to expand...

yup. This is a very slippery slope
 
trudeak said:
I think what is most scary is that this will lead to the criminalization of privacy. People need to be active and oppose the very idea of backdoors to encryption,
Click to expand...
According to some on this forum, encryption means the terrorists have won.
 
dr.stevil said:
yup. This is a very slippery slope
Click to expand...

I read and hear this slippery slope stuff about pretty much everything "If you let a woman have a job, soon penises will be illegal." or "If you elect somebody that isn't like me it will be illegal to be like me in no time."

I don't even know if this is a slippery slope. We may have long gone over the cliff way back in 1948 when our own governments established our status as the enemy. Maybe even before that with anti-communist witch hunts, privacy was never a barrier then. A few words of fabrication and an enemy of the state's life was thrown open to scrutiny both private and public. Maybe the only difference now is that it might actually happen to "us" as opposed to just people that are pointed out as enemies to be destroyed.

In this case the information the authorities want is from the dead, people who can't be coerced (no matter how long you submerge them) into giving up their rights. Thus giving up their contacts and friends in order to extend the witch hunt. The only real difference is that now a subversive government, can wield it's weaponry against much larger numbers of people much faster. Privacy has never been an issue during a good ol' witch hunt, it's an illusion, or it was. It's only now that we can make it next to impossible for our enemies to use our own information to hurt us.

It's just a thought, but privacy is really a new thing. These obstacles to authority are new. Maybe this is a slippery slope we're climbing?
 
So the position is, "give up your privacy, or we'll just take it away anyway"

Meanwhile criminals doing stuff important enough to encrypt, will use other systems without backdoors. When existing systems with state resources can be cracked if they really want to. A backdoor (or equivalently a rapid brute force tool) just lowers the cost/time to make it feasible to look at anyone's phone at will. It also takes away the need for a warrant if you seized the phone off a person while arresting them. Arrest a person, you get a free look at their phone. If the arrest was frivolous, the person gets a sorry and sent on their way.
 
Privacy isn't a new thing. People have the tools to make it impossible (or close to) for anyone else to access their data has been around since antiquity. It's called memorizing things in your own head. Extending that to your phone or other electronic devices which you do not want others to read is just human nature. The tools have been around since the 70s for public key encryption. Because apple or whoever else started putting it widespread in it's phones doesn't make it a new challenge.

There is literally no way to put the cat back in the hat. Even if you banned encryption which would be insane, it will not work. Show me a single piece of evidence that says banning anything will make it go away.
 
In the related case, I noticed J. Mcafee claims he will decipher that iPhone for free if Apple keeps refusing.

My take: If that can be pulled off, it's probably already been done for all Apple devices, and the only reason the FBI took it to court is because they can't use the data they have actually in court without violating current anti hacking laws. That and setting off more public outrage of illegal government spy programs. Perhaps everything we are hearing about the whole encryption being hackproof argument is just pacification type showboat bullshit because in secret it's already being done (which can't be acknowledged officially)
 
The backdoor will be leaked or cracked just as fast as DRM is. ID theft goes through the roof and the government is immune from accountability. Hopefully VeraCrypt and CipherShed are coming along nicely.
 
Twisted Kidney said:
I read and hear this slippery slope stuff about pretty much everything "If you let a woman have a job, soon penises will be illegal." or "If you elect somebody that isn't like me it will be illegal to be like me in no time."

I don't even know if this is a slippery slope. We may have long gone over the cliff way back in 1948 when our own governments established our status as the enemy. Maybe even before that with anti-communist witch hunts, privacy was never a barrier then. A few words of fabrication and an enemy of the state's life was thrown open to scrutiny both private and public. Maybe the only difference now is that it might actually happen to "us" as opposed to just people that are pointed out as enemies to be destroyed.

In this case the information the authorities want is from the dead, people who can't be coerced (no matter how long you submerge them) into giving up their rights. Thus giving up their contacts and friends in order to extend the witch hunt. The only real difference is that now a subversive government, can wield it's weaponry against much larger numbers of people much faster. Privacy has never been an issue during a good ol' witch hunt, it's an illusion, or it was. It's only now that we can make it next to impossible for our enemies to use our own information to hurt us.

It's just a thought, but privacy is really a new thing. These obstacles to authority are new. Maybe this is a slippery slope we're climbing?
Click to expand...


When you talk about the history of it all it's interesting to remember that back in 48, the telephone was still a relatively new thing. We've had cellphone for as long as phones had been around at that point. I disagree that our governments consider us the enemy. The reason why is that most individuals in the government don't think of themselves as "the government". They are just people with jobs. I am not actually clear why you chose 1948 as a reference point but I still need to read this article if it will load. But I think you are correct, and my first thought on this article is that it's based on a false premise, that in the past we could communicate electronically in private which is false, we have never been able to communicate electronically in private. Our land line phones could always be tapped, legally or otherwise, and the same was true for our cellphones. I can see a government position, in absence legal wiretapping methods, where the government simple says, all communications must be able to be legally tapped, and if we catch someone illegally tapping someones communications, we'll take care of them for you.
 
NeghVar said:
The backdoor will be leaked or cracked just as fast as DRM is. ID theft goes through the roof and the government is immune from accountability. Hopefully VeraCrypt and CipherShed are coming along nicely.
Click to expand...

Please god please, can you guys stop calling it a backdoor. The only people referring to this as a backdoor are media types who are supporting Apple's position and ignorant fools that don't know what a backdoor is and you guys are supposed to be smarter than this.

As for you pronouncements of doom, we have never had unbreakable completely secure communications in the past. If there was any merit to your pronouncement than this would already be the way things are not the future.
 
Given that China is actively stealing from the USA. This is a terrible thing. The whole "is for your own good" is completely bullshit.
 
BBA said:
In the related case, I noticed J. Mcafee claims he will decipher that iPhone for free if Apple keeps refusing.

My take: If that can be pulled off, it's probably already been done for all Apple devices, and the only reason the FBI took it to court is because they can't use the data they have actually in court without violating current anti hacking laws. That and setting off more public outrage of illegal government spy programs. Perhaps everything we are hearing about the whole encryption being hackproof argument is just pacification type showboat bullshit because in secret it's already being done (which can't be acknowledged officially)
Click to expand...

Of course it's already been done for Apple devices, they used to crack their own phones and unlock them for the FBI all the time. It's why I argue there is no precedent involved in this case.
 
Hypergreatthing said:
Privacy isn't a new thing. People have the tools to make it impossible (or close to) for anyone else to access their data has been around since antiquity. It's called memorizing things in your own head.
Click to expand...

That works for less than three or so percent of the human population, since the renaissance humans have relied on documents to store large volumes of important information. It's always been easy to invade a home and take documents, those documents could be encrypted with a simple cipher. World war two hinged on encryption. But this is mass information that is incredibly difficult to access, to the tune of potentially centuries spent decrypting it. This is new, and the pace of technology is far outstripping the ability of governments to control or exploit it. If we do manage to make data truly private, it will be the first time ever. Over all I think that's probably a good thing, but like all things it can be exploited.

lcpiper said:
When you talk about the history of it all it's interesting to remember that back in 48, the telephone was still a relatively new thing. We've had cellphone for as long as phones had been around at that point. I disagree that our governments consider us the enemy. The reason why is that most individuals in the government don't think of themselves as "the government". They are just people with jobs. I am not actually clear why you chose 1948 as a reference point but I still need to read this article if it will load. But I think you are correct, and my first thought on this article is that it's based on a false premise, that in the past we could communicate electronically in private which is false, we have never been able to communicate electronically in private. Our land line phones could always be tapped, legally or otherwise, and the same was true for our cellphones. I can see a government position, in absence legal wiretapping methods, where the government simple says, all communications must be able to be legally tapped, and if we catch someone illegally tapping someones communications, we'll take care of them for you.
Click to expand...

1948 is when the Five Eyes fully belched into existence. It nullified the very concept of legal process when an agency wanted to spy on their own citizens in contravention of that nation's law. They could just call a buddy and get that friend to spy on the mark for them. I'm not much of a conspiracy nut, there are far too many people for this to be abused on any large scale. There's no real evidence that it's ever been abused in any way, but it's there when it's needed and we don't get a say as to when it's needed. I think we live in a western world where the law is increasingly viewed as an unacceptable obstacle to policing, not just on espionage levels, but in your own neighbourhood. It's always been like that in most of the world, but we do (or did) things different here, I think our nations and our ideals are cheapened by this erosion of our principles.
 
We just need to look at current and past dictatorships elsewhere in the world to see what abuse of citizen privacy turns into. There are countries today where it's illegal to express beliefs counter to the government. What happens to such people? Imprisonment, torture, death, destruction of their bloodlines, etc.

Privacy is no laughing matter. Our individual security requires privacy, otherwise we will be abused.
 
lcpiper said:
But I think you are correct, and my first thought on this article is that it's based on a false premise, that in the past we could communicate electronically in private which is false, we have never been able to communicate electronically in private.
Click to expand...

One-time pad encryption was first recorded as being used with telegraphs way back in 1882. OTP encryption is unbreakable and super easy to implement - it can be done without a computer for small messages. Because of this, the very idea that they're somehow going to make encryption inaccessible to anyone who really wants to encrypt something is completely absurd. In the past we've been able to communicate privately, and we will always be able to communicate privately.
 
lcpiper said:
Of course it's already been done for Apple devices, they used to crack their own phones and unlock them for the FBI all the time. It's why I argue there is no precedent involved in this case.
Click to expand...
The phone technology has changed and Apples ability to decrypt previously was likely a feature to help people recover their phones. Cracking the way the FBI wants now creates an uber-tool that will not require a case by case warrant for Apples support. They will just need one emotional case, get the tool and have their way until a substantial amount of R&D by Apple re-establishes security. They found a beautiful way to bypass specific warrants. Brute force attacks is a vulnerability to 4 & 5 digit lock codes for all phones. The counter to brute force is auto-wipe. Invent a way around this and you can't put the genie back in the bottle. THIS IS DESPITE THE REPEATED INFERENCE THIS IS A ONE-OFF or MORE OF THE SAME.
 
lcpiper said:
Please god please, can you guys stop calling it a backdoor. The only people referring to this as a backdoor are media types who are supporting Apple's position and ignorant fools that don't know what a backdoor is and you guys are supposed to be smarter than this.

As for you pronouncements of doom, we have never had unbreakable completely secure communications in the past. If there was any merit to your pronouncement than this would already be the way things are not the future.
Click to expand...


You never know. If the vast majority of our citizens remain sheeple, then there will eventually be a criminalization of any encryption other than a government mandated encryption with the Big Brother's own way of easily decrypting it anywhere any time for any reason without cause. That is the way of the future if we continue to remain docile and easily led.
 
lcpiper said:
. I can see a government position, in absence legal wiretapping methods, where the government simple says, all communications must be able to be legally tapped, and if we catch someone illegally tapping someones communications, we'll take care of them for you.
Click to expand...

Yes because we can always count in a morally superior government with their own agendas and ambitions to do what is morally or ethically right. Makes perfect sense.

So where should I start the list of where our government has been a bunch of $-@+% heads with regards to human rights?
 
Isn't it a bit sad Rand Paul had to drop out right before this happened? He would have eaten this issue up. I don't think that article you linked it is just another concern, it is THE concern about this whole mess.

What's next, the govt can say all safe vault makers have to provide a master key on everyone's safe so they can be easily opened to check for guns? All I really want the federal govt to do is protect our borders and prevent the foreign crazies from even entering the country in the first place.

Can you really imagine if people start getting arrested for using encrypted phones without a govt backdoor on them? How would the govt even justify a search warrant with probable cause? We believe this person is using an encrypted phone, we request a search and seizure. Oh wait the govt doesn't like to have to get individual warrants. They will just randomly stop you on the street, demand you hand over your phone with your ID, and then test it for a back door or something....that is what I worry about, but maybe I am tin foil hatting too much here.
 
He is spot on...

This is all about answering a question that hadn't really needed to be answered until recently... How does the government/law enforcement handle "inaccessible" evidence?

Up until now... all locks/safes/banks could be picked/cracked/drilled/kicked in etc to access said evidence (with proper warrants mind you).

I would be completely against giving the government access to any of these tools, the company should be compelled to unlock these with appropriate court orders...

Though just as the article stated even this has to lead to outlawing usage of non-compliant encryption devices or software. The penalty of which would have to be sorta like obstruction or contempt of court in order for it to be worthwhile.
 
Twisted Kidney said:
That works for less than three or so percent of the human population, since the renaissance humans have relied on documents to store large volumes of important information. It's always been easy to invade a home and take documents, those documents could be encrypted with a simple cipher. World war two hinged on encryption. But this is mass information that is incredibly difficult to access, to the tune of potentially centuries spent decrypting it. This is new, and the pace of technology is far outstripping the ability of governments to control or exploit it. If we do manage to make data truly private, it will be the first time ever. Over all I think that's probably a good thing, but like all things it can be exploited.



1948 is when the Five Eyes fully belched into existence. It nullified the very concept of legal process when an agency wanted to spy on their own citizens in contravention of that nation's law. They could just call a buddy and get that friend to spy on the mark for them. I'm not much of a conspiracy nut, there are far too many people for this to be abused on any large scale. There's no real evidence that it's ever been abused in any way, but it's there when it's needed and we don't get a say as to when it's needed. I think we live in a western world where the law is increasingly viewed as an unacceptable obstacle to policing, not just on espionage levels, but in your own neighbourhood. It's always been like that in most of the world, but we do (or did) things different here, I think our nations and our ideals are cheapened by this erosion of our principles.
Click to expand...


Umm, I see. Yea that actually a bullshit theory that has no validity. Five Eyes is what's called a Releasability Control Marking which designates that a marked piece of classified information can be released to those five countries. No matter what you may think. The US Government can't play games like that, have contractors do it because the government guy can't, or have other countries spy on it's own citizens for them.

That does not mean that information collected by an allied nation doesn't sometime contain data on American Citizens, that when related, it doesn't make the rounds, or if it is indicative of a crime, that Intelligence information isn't turned over to Law Enforcement. What it means is that they do not Target people like this. Now if an Intel Agency is targeting an American, it may have another country do it when they possess assets that the US doesn't have available to them. There are some fine lines between what I am saying and wht you are claiming. You may think those lines don't mean much but they do. Those lines lie between what is illegal and what isn't. It's way too easy for people who only possess part of the information to jump to conclusion about where those lines lie and whether they were crossed.
 
I agree with the sentiments expressed in favor of Apple. This guy makes a pretty good case that this is a political move by the FBI:

Feeble Noise Pollution

Even if we assume the US and the rest of the Five Eyes are trusted, I think it is reasonable to expect that someone else will discover a known backdoor if it exists. Criminals and foreign powers will work to discover the operation of the backdoor. A good example of this is the case where the keys used to program RSA tokens were stolen. Allegedly, some Chinese actors were able to break into computer systems and steal information. It would have been impossible to do this if the list of keys for the RSA tokens did not exist.

Stolen RSA data used to hack defense contractor
 
Want to know the natural outcome of encryption?

Good luck legislating Math.



dandirk said:
Though just as the article stated even this has to lead to outlawing usage of non-compliant encryption devices or software. The penalty of which would have to be sorta like obstruction or contempt of court in order for it to be worthwhile.
Click to expand...


It's not an encrypted message, I just felt like sending "BwMgYOToVCE0MkECKT5XgyF4kfqIIjfULWBN3Wg0Tk7G0DhfBzQSaYMV3UH0bQ3EkioZK2PsF7RLPBF0glDM5LBBKrwnUHh4C2shYDCmmxMLDlBcW8zR3v9M" to my friend because I did. Alternately, we don't write to each other in English, we write in the SbinianDorkay language. I'm not your translator, you figure that shit out.
 
jpm100 said:
The phone technology has changed and Apples ability to decrypt previously was likely a feature to help people recover their phones. Cracking the way the FBI wants now creates an uber-tool that will not require a case by case warrant for Apples support. They will just need one emotional case, get the tool and have their way until a substantial amount of R&D by Apple re-establishes security. They found a beautiful way to bypass specific warrants. Brute force attacks is a vulnerability to 4 & 5 digit lock codes for all phones. The counter to brute force is auto-wipe. Invent a way around this and you can't put the genie back in the bottle. THIS IS DESPITE THE REPEATED INFERENCE THIS IS A ONE-OFF or MORE OF THE SAME.
Click to expand...

Don't loose sight. Apple has done this in the past, this is an older phone and they already told the judge that they have the ability to unlock the phone. The Judge then ordered it unlocked, Apple refused saying it's bad for their business and customer relations. the Judge came back and ordered Apple to break the lockout function so the FBI could brute force the unlock.

Claiming that this would hand the FBI a tool to crack any phone is supposition and would have been avoided if Apple had just unlocked the phone and extracted the data as the Judge first ordered. If only Apple can push a phone update to hack the phone, then only Apple can do it. If anyone can push a phone update than this train left the station long ago and nothing about this court case will change that.

There is no bypassing of warrants. The phone is OWNED by San Bernadino County, the County agreed to allow Apple to unlock it. The phone's owner said unlock the phone. Do not lose sight of this. I am going to repeat it one more time. The phone's owner agreed to allow Apple to unlock their phone. A valid warrant was issued to have the phone unlocked. The warrant is justified under the All Writs Act, the same law which has always been used to justify the warrants for these unlocks which Apple has done before.

I keep thinking this through and all I can come up with is that Apple is dragging their feet in this case because they don't want it to impact the New York case which is similar. The Judge in New York is questioning the use of the All Writs Act. If he rules that the Law does not allow the Government to force Apple to unlock that phone, than Apple won't have to unlock any phones any more. But if Apple just gives this one up knowing what's going on in New York, the Judge in New York might decide to just go along with the norm. That's what I think this California case is all about.
 
Sikkyu said:
I'lll stick with andriod and custom root builds built for privacy, outside of the carrier's builds. apple was never a really a choice.
Click to expand...

do you build root yourself or are there precompiled privacy builds?
 
dandirk said:
He is spot on...

This is all about answering a question that hadn't really needed to be answered until recently... How does the government/law enforcement handle "inaccessible" evidence?

Up until now... all locks/safes/banks could be picked/cracked/drilled/kicked in etc to access said evidence (with proper warrants mind you).

I would be completely against giving the government access to any of these tools, the company should be compelled to unlock these with appropriate court orders...

Though just as the article stated even this has to lead to outlawing usage of non-compliant encryption devices or software. The penalty of which would have to be sorta like obstruction or contempt of court in order for it to be worthwhile.
Click to expand...

They have issued an appropriate court order, a warrant was issued in this case to Apple. In fact, the warrant wasn't even needed cause the phone's owner agreed to allow Apple to unlock it so a warrant wasn't even technically required.
 
DigitalGriffin said:
Yes because we can always count in a morally superior government with their own agendas and ambitions to do what is morally or ethically right. Makes perfect sense.

So where should I start the list of where our government has been a bunch of $-@+% heads with regards to human rights?
Click to expand...
they are very clever, what they did is made sure that legally no one is entitled to human rights, that way they can do anything to anybody and not worry about a thing, it's called a corporate persona, aka strawman
 
ruffbytes said:
I agree with the sentiments expressed in favor of Apple. This guy makes a pretty good case that this is a political move by the FBI:

Feeble Noise Pollution

Even if we assume the US and the rest of the Five Eyes are trusted, I think it is reasonable to expect that someone else will discover a known backdoor if it exists. Criminals and foreign powers will work to discover the operation of the backdoor. A good example of this is the case where the keys used to program RSA tokens were stolen. Allegedly, some Chinese actors were able to break into computer systems and steal information. It would have been impossible to do this if the list of keys for the RSA tokens did not exist.

Stolen RSA data used to hack defense contractor
Click to expand...

They keys have to exist, if these keys don't exist, no one, not even the one that encrypted the data, would be able to access the data?

The keys were kept by RSA and it was RSA who was hacked first. that put many of the contractor companies who relied on RSA security tokens at risk. I used to carry and use one of those tokens, I have for two jobs I've had.
Apple has started leaving the keys with the user. Because they are all reasonably different, the keys for one can't really be used to compromise another.

And after reading that Feeble Noise pollution blog, his arguements are irrelevant. The Owner of the phone agreed to have Apple unlock it. At that point there really isn't anything else to argue other than can they be made to unlock it after refusing. Apple has complied with the All Writs Act many times in the passed, so in my opinion, the will have to unlock the phone.


EDITED:

Oh, and this from the blog author;

They(the FBI), have selected a case which will cast the tech vendors in the worst possible light. The FBI has been planning exactly this for a while, waiting only for an attack that would provide the pretext.
Click to expand...

The FBI didn't select this case. This case is progressing all on it's own, as any case would. Apple chose to refuse to do what they have complied to in the past. It is Apple that has made a choice in this case, not the FBI. Had Apple complied and not refused, this wouldn't even be more then a footnote in reporting on the other cases. It is Apples refusal that has pushed it into the media light.
 
Last edited:
There are some things that are private between the people communicating. The government is trying to protect their secrets for national security. What about our individual security and privacy? I have nothing to hide, but I'm not giving up my privacy for the sake of the Motherland, Comrade.

But, in this case - if they do get their way and get their backdoor (which is what Tim Cook calls it, as well), those that truly mean harm to the USA will go for another solution. If something is compromised, they'll move to something more secure. Those that will suffer are those legitimate users with nothing to hide. Not the bad guys. Look at piracy. They put up a road block, and the pirates move to something else. I just don't see it as solving the problem they are saying it will.
setec.gif
 
/usr/sbin said:
Want to know the natural outcome of encryption?

Good luck legislating Math.






It's not an encrypted message, I just felt like sending "BwMgYOToVCE0MkECKT5XgyF4kfqIIjfULWBN3Wg0Tk7G0DhfBzQSaYMV3UH0bQ3EkioZK2PsF7RLPBF0glDM5LBBKrwnUHh4C2shYDCmmxMLDlBcW8zR3v9M" to my friend because I did. Alternately, we don't write to each other in English, we write in the SbinianDorkay language. I'm not your translator, you figure that shit out.
Click to expand...

ummm is a written code new? No? How is it handled now? Cause you know codes have been used before computers.

ok so basically your opinion is if something doesn't work 100% that you shouldn't do it? That is a poor counter argument. Seat belts don't save all lives but they do save enough to warrant a law (whether you agree or not the specific law is not the point, the fact it exists is the point).

You are correct we are getting to dangerous territory as too far in each direction will be a problem. The question is how do we "reasonably" handle this... First what is considered "reasonable" and second is what lengths will we go to enforce them?

Do we make not translating or providing access to data (with warrant) a capital offense of the specific person? Do we require companies to unlock their own devices/data? Do we give the government backdoor access to all systems at their leisure?

There are different levels and ways to handle this in different shades. All or nothing is not the only answer.
 
dandirk said:
ok so basically your opinion is if something doesn't work 100% that you shouldn't do it? That is a poor counter argument. Seat belts don't save all lives but they do save enough to warrant a law (whether you agree or not the specific law is not the point, the fact it exists is the point).
Click to expand...

No, my point is that you can't legislate math. You can pass a law saying 2+2=5, but math doesn't give a fuck what law you pass. 2+2=4 is a mathematical fact, there is no room for negotiation. Encryption algorithms are just [exceptionally complicated] math. Furthermore these encryption routines are already freely available and public knowledge. The genie is already out of the bottle. Want an example? Here you go https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture8.pdf


dandirk said:
Do we make not translating or providing access to data (with warrant) a capital offense of the specific person? Do we require companies to unlock their own devices/data? Do we give the government backdoor access to all systems at their leisure?
Click to expand...

In terms of this, what if I as a Norwegian citizen personally write a formula and give it away (not as a company, just free for anyone to use)? What if an American uses it on his own to encrypt his items? You have a right to the 5th to not witness against yourself. This has been tried in the courts in the past (see: Appeals Court Upholds Constitutional Right Against Forced Decryption Privilege Against Self-Incrimination Applies to Act of Decrypting Data).
 
Last edited:
lcpiper said:
Um, they probably did. they had Sat phones and laptops in those caves. Encryption was probably involved to some degree.
Click to expand...

good one, they are lucky if they can get a pencil to write something down
 
Last edited:
Geez, all this stuff just to read Hillary's email,

What this article doesn't seem to even mention from a cause and effect perspective is something that concerns me even more: If a single back-door method is used by the government to access all devices of a particular type, or if only one entity has access to all of these back-doors, then the collective security of all our encrypted devices will likely reside in one location (or kept by one entity). More than our privacy issues, I would be concerned that having such a centralized collection of back-doors would put our nation at even greater risk. Our government hasn't had the best record when it comes to cyber-security, and so WHAT IF someone with harmful intent were able to get access to that "one ring to rule them all"? It could be through the electronic hacking, or someone making a copy of actual code and selling it to a spy. What if there is another Snowden that decides to thwart the system by leaking an entire collection of "back-door" information to the public? If a collection of back-door code were to get into the wrong hands, the damage inflicted would likely be even more crippling than any single terrorist attack that might be stopped by us using these back-doors. You can bet that other countries that aren't our allies would spare no expense in their efforts to obtain such information.

And also, do you think if such a breach of our security were to happen, that our government would be held accountable for damages, let alone fess up to something like "back-door codes for almost 20 million personal devices containing financial and personal information might have been leaked today due to a data breach at our Virginia facility, but don't worry because the government will be handling all damage claims from this event and replacing the entire nation's compromised smart phones and personal computers with new ones." ??? Well, do you think they would fix the problem even if it means replacing say, all of our cell phones?

I think not. I don't think our government would say a single word unless it had to.

A private company can be held liable for damages that might happen due to a data breach. They are also insured. Once a breach happens, it is beyond their capabilities to prevent the information from being spread or try to cover things up, so its in a private company's best interest to disclose any problems. If a breach happens, any damages/liability would be within the private company's best interest to investigate and at least resolve so their product isn't flawed.

But if the US loans out their "back-door passes", or they fall into the wrong hands... the US government has NO incentive or need to want to protect our personal information. If our social security numbers were leaked, if financial data were leaked, GPS data for high-profile targets, or self-driving car controls were compromised; it doesn't make the NSA look bad if nobody can trace it back to the NSA! Could Tesla look bad if a back-door were used to cause a few crashes? Could a bank lose money if a back-door were used to clean out a few accounts? Do you think the NSA would give a rip or say "oh, yeah, that was our fault!" HEEEEEEELLLLLLLLL NNNNNOOOOOOO!!!!!!

Who will pay to replace all of our personal computing devices when the "back door" code for them gets leaked? Notice I said "when" and not "if". I'm not paranoid, but we must assume that IF it IS possible, then it WILL happen someday... its just a matter of when.
 
lcpiper said:
They keys have to exist, if these keys don't exist, no one, not even the one that encrypted the data, would be able to access the data?
Click to expand...

The keys do have to exist for people to use the RSA tokens, but a large list of keys does not have to exist.

I was trying to make the point that if there is a known way to break a system, it exposes the system to unauthorized users breaking the system in the same way.

lcpiper said:
And after reading that Feeble Noise pollution blog, his arguements are irrelevant. The Owner of the phone agreed to have Apple unlock it. At that point there really isn't anything else to argue other than can they be made to unlock it after refusing. Apple has complied with the All Writs Act many times in the passed, so in my opinion, the will have to unlock the phone.
Click to expand...

From my understanding, the unlocking of the phone is not what is at issue. The FBI would like a signed version of iOS that removes passphrase entry protections where the phone could be wiped after 10 tries and an artificial delay between tries. They would also like to be able to use a computer to automatically enter passphrases. The would like this version of iOS installed onto the subject phone.

Risky Business #399 -- Apple vs the Government of the United States | Risky Business
 
You must log in or register to reply here.
Back
Top