New Encryption Legislation Coming?

[Romale23]

Again, you are exactly right in what a backdoor is, and you turn right around and misuse it in application. The government is not asking for backdoors even though that is what other people call it in the media reports. The government is asking for valid, legitimate access. Calling it a backdoor is just a way to make their requests sound unreasonable.

"Sir, I have a warrant here to search your house, would you please unlock the front door and come with me while I conduct a search for this and that?"

"No you can't sneak in the backdoor and rummage through my entire house looking for whatever you can find to pin a charge on me!"

"Umm, Sir, the warrant only authorizes me to look through your bedroom for a 9mm handgun, your wife says that you shot the TV with it and you always keep it on your night stand"

"Oh no, I'm not going to let you sneak in the backdoor and rummage through my entire house looking for whatever you can find to pin a charge on me!"

This is what the backdoor argument sounds like to me.

And you don't need to explain to me what encryption's purpose is. I was probably using it long before you were born.

Why do you guys keep insisting that the only way to support government access to data is via a backdoor? Why can't you ever admit that it would be perfectly easy to engineer secure access to data. So stupid.

I'm an old man myself so i'm going to try to break this down without the hyperbole.
1. the government doesn't make you add a lock that they have a master key to to your door. You let them in or they break the door down. You don't give them a key to come in whenever they want.
2. by the same token they can already issue a warrant and take the physical device your using and do whatever they want with it.
3. Its being called a backdoor because the original time this was proposed in the 90s the intent was to allow the government a master crypto key to decrypt whatever they wanted on the fly.
4. if it is done in this manner, there is ZERO chance the key doesn't leak the keys the government uses for high security crap have already been leaked several times causing them all to be re issued and all past data to be vulnerable. I know for a fact on this because i had to do 4 re keys over the course of 8 years because of this, and this is the tamest of the crap that has happened.
5. There is no actual authority the feds in particular can use to limit personal use of encryption. It can only be limited in commerce. In other words they can make apples native crap be weak, but you can't actually be prevented from doing whatever you want as long as you don't engage in commerce. Even when encryption was considered a national security issue in the past it only involved export of technology, not that you couldn't use it yourself.

I know this breakdown isn't clean but people should be concerned about this. It has been demonstrated time and time again the fisa courts can be abused to get just about whatever with a few exceptions they want and that intelligence services employees have abused their positions for personal and political gains and that doesn't even include actual political appointees abusing the system. I always break it down like this: If i knew a person wanted to harm me would i be willing to give them this power.

 

[lcpiper]

*Until it happens to you.

Gotcha

I really would hope not.

 

[lcpiper]

I'm an old man myself so i'm going to try to break this down without the hyperbole.
1. the government doesn't make you add a lock that they have a master key to to your door. You let them in or they break the door down. You don't give them a key to come in whenever they want.
2. by the same token they can already issue a warrant and take the physical device your using and do whatever they want with it.
3. Its being called a backdoor because the original time this was proposed in the 90s the intent was to allow the government a master crypto key to decrypt whatever they wanted on the fly.
4. if it is done in this manner, there is ZERO chance the key doesn't leak the keys the government uses for high security crap have already been leaked several times causing them all to be re issued and all past data to be vulnerable. I know for a fact on this because i had to do 4 re keys over the course of 8 years because of this, and this is the tamest of the crap that has happened.
5. There is no actual authority the feds in particular can use to limit personal use of encryption. It can only be limited in commerce. In other words they can make apples native crap be weak, but you can't actually be prevented from doing whatever you want as long as you don't engage in commerce. Even when encryption was considered a national security issue in the past it only involved export of technology, not that you couldn't use it yourself.

I know this breakdown isn't clean but people should be concerned about this. It has been demonstrated time and time again the fisa courts can be abused to get just about whatever with a few exceptions they want and that intelligence services employees have abused their positions for personal and political gains and that doesn't even include actual political appointees abusing the system. I always break it down like this: If i knew a person wanted to harm me would i be willing to give them this power.

It's not even factual.

3. The keys for "high security crap" are changed on a routine basis all the time anyway, at least they are for the Army. I mean it, it's on a schedule. Now if there is a breach then they would of course do an mediate crypto change, but if you can point to a breach of a classified network that wasn't just an insider downloading/extracting data or printing a document and sneaking it out in her pantyhose, by all means link it up. But you won't find one unless it came about because someone gained physical access to the systems. No classified network has been hacked yet.

4. In what manner? I am the only person who has proposed any "manner". Nothing was in the article and all anyone else has said is "backdoor backdoor backdoor" I can't believe that not one of you accepts that there exists a way to meet both the legal requirements and the privacy needs of our people. I will not accept that they are mutually exclusive.

5. Different topic entirely. Is there something in this article I missed about imposing limits on encryption usage? Best I know, (and as you stated), the only limits have to do with the transfer of encryption technologies to other countries.

I think what you believe about FISA is wrong. It completely ignores some basic concepts in favor of fear mongering attempts to paint the court as a white washed rubber stamp. You must understand what goes before FISA and why, in order to put into perspective the numbers reported by the media. As an example, all overseas phone calls are suspect when one of the parties is a foreign national. Now if I have a database, (the telephony meta-data database), and it has specific meta-data regarding calls but no identifying information actually naming the individuals involved, I do not know who is on either end of the call yet. To find out, I must query the providers therefor I need a "mother may I" in order to ask the phone company who these people are. I need this because my database can't be connected to other databases per the orders specified under the program. Right there, that's an easy one for the FISA court as they have absolutely no information that says these calls were between US Persons and because it's an overseas call, it's highly likely that at least one person is a foreigner, just odds. Obviously when you take this process it becomes easy to see that the numbers are going to be greatly slanted toward looking like a rubber stamp because under the situation, it can't be anything else and under EO12333 it doesn't have to be. It's not until after identity information is returned from the service providers that the FISA court and the Intelligence Community can even know who is or isn't a US Person, and how they must proceed regarding the data that was captured.

Furthermore, as long as one of the callers is a foreigner, now it's fair game all straight forward and easy, it's simple intelligence collection and US privacy laws no longer apply as long as they remain focused on the foreigner. Articles that highlight misdeeds by individual employees who have were caught or turned themselves in for misusing national authority, well were you see only the misdeed I see the system working properly because neither the world, nor people, are perfect, and the job still has to get done so that is not going to stop. Besides, most of those people reported on didn't commit their misdeeds against US persons, it was mostly against foreigners which means that although they misused their authority, they didn't do it against Americans. I went through all those reports very carefully.

But now we are running off the range.