Everyone bored to death by DoJ's latest call for crypto backdoors




Everyone bored to death by DoJ's latest call for crypto backdoors
Everyone bored to death by DoJ's latest call for crypto backdoors  

The U.S. Department of Justice's deputy attorney general, Rod Rosenstein, gave a speech on encryption yesterday and boy was it a snoozer. It's almost as if all those decades of crypto wars never happened.

How many data breaches and ransomware attacks will it take before we don't have to hear reheated and rehashed arguments against strong encryption?

Rosenstein's premise in his "remarks on encryption" was that there has never been a secure form of communication in human history prior to end-to-end encryption (er, what about person to person speech, as the EFF points out).

And that this "warrant-proof encryption" is akin to a magical immunity cloak for criminals -- immunity from prosecution in this case.

Without the ability for law enforcement to decrypt and access digital comms on-demand, he suggested, criminals will just be free to get away crimes like terrorism or child exploitation -- going so far as to say "chaos may follow".

"If companies are permitted to create law-free zones for their customers, citizens should understand the consequences. When police cannot access evidence, crime cannot be solved. Criminals cannot be stopped and punished," was literally what he said.

So full marks for logical disproportionality.

All the other types of digital personal data floating around for investigators to tap into just don't cut it if you want to secure a prosecution, he argued.

So so much for killing people based on metadata, eh? Now it's 'decrypt those WhatsApps or the law/civilization ends'.

Rosenstein went on to call out -- though mostly not by name -- U.S. tech giants for being unwilling to hand over data that they don't have access to.

Which means, for one, WhatsApp -- a company that has rolled out e2e encryption across its comms platform.

And has been named in attempted 'crypto shame' by UK politicians as the government there has long been seeking to disuse tech giants from using strong encryption.

But continues to publicly stand firm against the slings and arrows of outrageous politicians.

Rosenstein also criticized tech giants for being unwilling to deliberately weaken the security of their systems in order to afford such access.

He went on to specifically talk about the Apple vs the FBI case -- mentioning Apple by name as he sketched out his take on what had happened with the San Bernardino iPhone; before going on to claim: "Thousands of seized devices sit in storage, impervious to search warrants."

Thing is, he literally said that right after admitting: "Fortunately, the government was able to access data on that iPhone without Apple's assistance."

Um...

Rosenstein also tried to play his own shame game by suggesting tech firms will do techie stuff for their own commercial ends, and/or have been willing to co-operate with the techie demands of foreign governments if their bottom line is at stake -- just not domestically at home. (Subtext: 'How unpatriotic!')

Instead, his not-so-subtle call was for legislation to force unwilling tech companies to backdoor their systems in a non-specific way that would nonetheless afford access to decrypted data.

Though he euphemistically termed this "responsible encryption".

And tried to claim it would not, in fact, be a backdoor. ("Responsible encryption is achievable. Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization," er, so a backdoor then?)

At the same time as having the brass neck to claim: "We at the Department of Justice understand and encourage strong cybersecurity to protect our citizens."

"Technology companies almost certainly will not develop responsible encryption if left to their own devices," he railed. "Competition will fuel a mindset that leads them to produce products that are more and more impregnable. That will give criminals and terrorists more opportunities to cause harm with impunity."

So what were Rosenstein's examples of "responsible encryption"?

"The central management of security keys and operating system updates; the scanning of content, like your e-mails, for advertising purposes; the simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop."

At this point -- or, let's face it, long before -- crypto experts everywhere sighed heavily into the hands holding their heads.

"Technology providers are working to build a world with armies of drones and fleets of driverless cars, a future of artificial intelligence and augmented reality. Surely such companies could design consumer products that provide data security while permitting lawful access with court approval," Rosenstein went on to say -- an argument the EFF neatly sums up in its takedown of the speech as "nerd harder".

Thing is, maths is immune to nerding harder -- howsoever many people claim it's not.

(Special shout out to UK home secretary Amber Rudd for her own recent comments on that topic.)

"There is no constitutional right to sell warrant-proof encryption. If our society chooses to let businesses sell technologies that shield evidence even from court orders, it should be a fully-informed decision," Rosenstein said in his concluding lines.

Earning himself another legal rebuke from the EFF which writes: "This is simply incorrect. Code is speech, and courts have recognized a Constitutional right to distribute encryption code."

Various other holes in Rosenstein's argument are available.






COMMENTS

More Related News

Chinese nationals indicted on illegal drug manufacturing
Chinese nationals indicted on illegal drug manufacturing

WASHINGTON (AP) - Two Chinese nationals have been indicted on charges they manufactured tons of fentanyl and other powerful narcotics that were then peddled in the United States, killing at least four people and seriously injuring five others, Justice Department officials announced Tuesday.

Trump
Trump's drug czar nominee withdraws from consideration
  • US
  • 2017-10-17 17:42:22Z

The U.S. lawmaker who was President Donald Trump's pick for drug czar withdrew on Tuesday after it became public he spearheaded a bill that hurt the government's ability to crack down on opioid makers flooding the market with the addictive painkillers. Trump had pegged Representative Tom Marino, a Republican from Pennsylvania, to lead the Office of National Drug Control Policy, as the administration faces an epidemic of opioid overdoses that is killing tens of thousands of Americans annually. Trump wrote on Twitter: "Rep. Tom Marino has informed me that he is withdrawing his name from consideration as drug czar.

U.S. Justice Dept will review new law
U.S. Justice Dept will review new law's impact on DEA powers: official
  • US
  • 2017-10-17 15:00:57Z

WASHINGTON (Reuters) - U.S. Deputy Attorney General Rod Rosenstein said on Tuesday he was very concerned about a report that said new legislation has undermined the Drug Enforcement Administration's ability to crack down on opioid dealers and said the Justice Department would review the law.

Leave a Comment

Your email address will not be published. Required fields are marked with *

Cancel reply

Comments

Top News: Economy

facebook
Hit "Like"
Don't miss any important news
Thanks, you don't need to show me this anymore.