Here We Go Again: FBI Wants Backdoors To Snoop On Nearly All Internet Communications
from the sure,-they-want-it... dept
On Friday, Declan McCullagh over at News.com had the latest reports of the FBI trying to get new laws in place that would require all kinds of internet communication services to include wiretapping back doors, so that law enforcement could tap into them. This isn't a new idea. The FBI has been calling for this for a long, long time. We had mentioned it just last year, but it goes back much further than that. Basically, the FBI is upset that it can't easily tap certain popular VoIP and social networking communication tools. So it wants to effectively force the tech industry to build back doors into pretty much everything.It's understandable why the government would want this, but that doesn't mean it makes very much sense. First of all, there will always be ways around such taps, and you can bet that major criminals/terrorists are already figuring out how to use systems that are much more protected. Second, as soon as you open up such backdoors, you have pretty much guaranteed that they're going to be abused. Those with nefarious intent will figure out how to access them as well, and people using these systems will be much more at risk, not just of governments spying on their conversations. Second, it's really an impossible task. All that will happen is more alternatives, which will be decentralized and encrypted end-to-end with no possibility of back doors, will likely pop up. The end result won't make it any easier for the FBI to track down real criminals, but will put plenty of non-criminals at risk. Oh, and it will do this while making things much more expensive for any tech company that wants to let its users communicate. That doesn't seem particularly helpful.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: encryption, fbi, voip, wiretapping
Reader Comments
Subscribe: RSS
View by: Time | Thread
\troll
[ link to this | view in thread ]
Inefficient
According to a PBS documentary, the NSA can crack most encryption available in very little time. So why doesn't the FBI do the NSA a favour and start accessing the NSA's databases.
Maybe they can learn some SQL commands and figure out how to sort through 4TB growth every month.
What is next, police requesting powers to snoop? Come off it. If you already have the data captured, use that and stop increasing the risk of privacy invasion by everybody and their mother requesting backdoors. If they start with the FBI, it will not end! We need backdoors plugged. The NSA has the access, FBI should get data from them, stop increasing vulnerability because you don't want to share and you don't know how to get along.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Opposed
[ link to this | view in thread ]
Would it just be easier to try and ban all Voip and other IMs and move us back to the telegraph? Would that make it easier for the FBI to set their own terrorist plots into motion so they can foil them and get some more headlines?
[ link to this | view in thread ]
Re: Re: Opposed
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Inefficient
This is true, however for many forms of encryption it takes some serious resources to do so. They wouldn't be able to decrypt a lot of commonly used encryption in enough bulk to be what the FBI wants.
The crypto agencies are expanding capacity aggressively, but are probably many years away from being able to casually break the encryption of large groups of people at once.
[ link to this | view in thread ]
These will never be found by hackers
They,whoever they are, assure us of it.
And they promise not to abuse it. Really really cross their heart and hope to die.
And the FBI has such a good record with computers and networks too.
[ link to this | view in thread ]
Talk about entitlement
Wiretapping laws originally were really just an extension of existing search laws. Companies could be compelled by court order to allow law enforcement agencies access to their equipment. These taps were gravy, taking advantage of an unexpected side-effect of technology.
Somewhere along the line, they stopped thinking about how lucky they were to have this accidental boon of information and starting thinking that there is such a fundamental right to this information that the law must compel its production.
[ link to this | view in thread ]
Question
I wouldn't.
So aside from them doing it against everyone's will, how is their wanting a backdoor to access all citizens' communications any different?
[ link to this | view in thread ]
it also doesn't make it right that they should be able to do it either. mind you, as stated, the system would be abused. i wonder how the FBI would feel and what they would say when it was their communications that were tapped into?
[ link to this | view in thread ]
Besides, we all know the FBI, NSA, and CIA don't work well with others...or each other.
[ link to this | view in thread ]
Oh wait. They did that.
Well, I'm glad they haven't forced manufacturers to install specialized equipment in any piece of tech that could be used for any sort of seditious purposes the way the KGB had during the height of the Soviet Union.
No... No they did that too.
Well at least the FBI hasn't tried to set up a censorship backbone to block access to undesirable websites and blogs and create a national firewall in order to protect the citizenry like they have in China!
[ link to this | view in thread ]
Of course....
How else are they going to continue to escalate their police state?
Violence begets violence. This government is funded through the initiation of force (or threat thereof). If you believe you are free & own yourself, try not paying income taxes.
Things will only continue to deteriorate unless we replace State coercion with individual voluntary exchange.
"Man must have the right of choice, even to choose wrong, if he shall ever learn to choose right." ~ Josiah C. Wedgwood ~
[ link to this | view in thread ]
Re: These will never be found by hackers
[ link to this | view in thread ]
Which one of these will happen first?
B. FBI personnel will be caught browsing or trading or selling the data for purposes most definitely not related to investigations, as in: Cops Trolled Driver's License Database for Pic of Hot Colleague or TSA Worker Caught Downloading Child Pornography or Jose Salgado, TSA Agent, Arrested In Child Porn Crackdown.
C. The FBI will outsource analysis to one of the many, MANY contractors who are eager to exploit the OMG!OMG!CYBERWAR hysteria by using "grep" to search for keywords and charging hundreds of millions of dollars for their services. These contractors will be quite thoroughly hacked by the first bored seventeen-year-old with an attitude, as in Stratfor Hacked, the data will be exfiltrated, and then put up for sale on the open market.
D. The backdoors will be discovered after they've been inserted but well before the FBI gets around to using them. Their new owners, pleased with their acquisitions, will need to decide whether to use them to fully exploit the services where they're installed, whether to start feeding entirely bogus (fabricated) data to the FBI, or whether to just siphon off the data and, once again, put it up for sale on the open market. (Alternatively, they could just trawl through the data and look for blackmail material, then offer to keep the FBI from seeing it...for a price. Note that it's not necessary that such blackmail material actually exist: after all, it's easy enough to just make it up.) Perhaps a really clever intruder will work out how to use the backdoors to funnel malware to the FBI, which doesn't exactly have a history of executing IT projects well, see for example: FBI's Beleaguered Sentinel Project Delayed Again.
[ link to this | view in thread ]
These types of actions will just drive more people to open source alternatives. By it's very nature, it's immune to such silliness from governments. Usually open source contributors are from various different countries and as such wouldn't need to follow such a law. And more importantly, if some sort of malicious FBI code was somehow included in an OSS project all it takes is for one person the remove it and re-release the project since the source is open.
[ link to this | view in thread ]
backdoor keys (and front and side doors too)
[ link to this | view in thread ]
FBI Wants Backdoors To Snoop
not any more its the government State
we will be chipping you for your own good
(DARPA wants to chip solders)
(http://www.fudzilla.com/home/item/27053-darpa-wants-to-chip-solders)
so we can protect you from harm
we will decide what you may eat
we will decide what you may read
we will decide what you may watch
we will decide what you may say
we will decide whats best for you
not excluding
re education camps
sterilization camps
extermination camps
this is for your protection and well being
the Government state
crazy only posted this yesterday now the chipping part shows up today
rest cant be to far away
[ link to this | view in thread ]
fixed
not any more its the government State
we will be chipping you for your own good
(DARPA wants to chip solders)
(http://www.fudzilla.com/home/item/27053-darpa-wants-to-chip-solders)
so we can protect you from harm
http://www.techdirt.com/articles/20120426/14505718671/insanity-cispa-just-got-way-worse-then-p assed-rushed-vote.shtml
list of five specific uses (cybersecurity, cyber crime, protecting people from harm, protecting children from exploitation, and national security)
we will decide what you may eat
we will decide what you may read
we will decide what you may watch
we will decide what you may say
we will decide whats best for you
not excluding
re education camps
sterilization camps
extermination camps
this is for your protection and well being
the Government state
[ link to this | view in thread ]
Re: Inefficient
This is a half-truth. The NSA can only crack older ciphers that have long since had exploits published about them or have become sufficiently obsolete. While a lot of encrypted information is stored using these kinds of ciphers (DES is a good example of a formerly highly-used encryption method that is no longer safe to use), the VAST majority of modern ciphers are still outside of their reach, and that is why they, too, wouldn't mind an ear or two installed on Facebook's servers. If they needed it, of course.
Many security experts have been saying that they likely have been using a much more powerful/overreaching tool for fighting encryption. They likely have an agreement with the major certificate authorities, or the companies who hand out encryption certificates for use with web sites and other services. These companies can issue certificates which allow decryption of supposedly secure traffic. Therefore, the only problem at that point would be storing all that information, since decrypting it is trivial, since the vast majority of encrypted communication on the internet is done using the SSL/Certificate Authority model.
with that point in mind, let's look at something else the NSA has been doing recently.
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
Awfully big coincidence, seems like the perfect place to store terabytes upon terabytes of yet-to-be-processed information.
[ link to this | view in thread ]
Re: Inefficient
[ link to this | view in thread ]
Re: backdoor keys (and front and side doors too)
I saw another story on this -- couldn't find it with a brief search -- that said there was a massive protest against the invasion of privacy, and the city officials basically replied that the government knew best. One offical was quoted as saying that he doesn't care how unpopular a law is, government officials must do what they think is best.
[ link to this | view in thread ]
r=92 r=
2ot-
2 o
to\2=0=\ t6024065206
2l34[p7y3\
=7-347\3=-07\=-3\=57-34=lyu3]
;y 3y[];y
3ly
'l 3]
;
]3; u
][l3poifp2
`9`-93=9 mf[
po9
d vo
v
][ov=-023 rto
t ,g 5[o 90t
k4":]
n \-
]t[l
][o2 t=pi2re-
ore
[pr
]p \1r 0y=j89\-09-
5905 0i e[
k ke
[]1\e o
[-=t9=n ty2[p3 y
[ kl
l g
]l g
r
-
][l kaboom! (heh, heh, heh)
[ link to this | view in thread ]
in fairness ...
Is the loss of privacy worth the gain in catching criminals? I don't think so, but let's not pretend there isn't a rational argument.
[ link to this | view in thread ]
Lines up nicely
Next up, a request for a joint operation between the NSA, CIA, and FCC utilizing high-temperature superconductors to create piracy-stopping supercomputers - "Government agencies get together for hot three-way".
I'll stop there, but imagine the possibilities.
[ link to this | view in thread ]
Re: Re: Inefficient
http://www.dwavesys.com/en/dw_homepage.html
[ link to this | view in thread ]
Even if the government could force programmers to add back doors for law enforcement agencies like the FBI simply by passing new laws, it would still be possible for criminals to write their own software and/or take open source apps and remove the offending bits from them. Not all criminals are stupid, and the ones who are can always find help from other like-minded individuals. And what about smart law abiding programmers who go rogue and implement back doors into the back doors? In fact who wants to bet some of the software being used by the government doesn't already? Dumb dumb dumb dumb...
[ link to this | view in thread ]
Re: in fairness ...
True enough, but the dumb criminals (which is most of them) will give themselves away in a lot of other ways too. Decrypting their communications is convenient, but not necessary, to catch them.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: These will never be found by hackers
[ link to this | view in thread ]
[ link to this | view in thread ]
It's a herring.
Not sure what more they could need. SSL is no trick to crack.
[ link to this | view in thread ]
Re: Question
[ link to this | view in thread ]
Terrist!
[ link to this | view in thread ]
Re: Re: These will never be found by hackers
[ link to this | view in thread ]
And of course..
Following the rules is no longer considered important by any of the federal Gestapo organizations. Sadly, even states and cities ignore the rules as well.
They get away with it because they know no one can stop them or discipline them.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: It's a herring.
This is true, however "the government" is not actually a monolithic entity. The NSA cannot legally share their intercepted data with the FBI very easily. They follow different sets of rules.
This is another reason why we should be very wary of legislation to ease data-sharing between different government entities.
[ link to this | view in thread ]
Re: Which one of these will happen first?
The real question should be: why should we allow them to collect even more data to be compromised?
[ link to this | view in thread ]
Re: Re: Which one of these will happen first?
(D'oh on my part).
[ link to this | view in thread ]
Re: Re: Question
[ link to this | view in thread ]
When they go after this category, the stakes will be fundamentally different. To spy on *all* communications, they'd have to outlaw general-purpose, freely-programmable computers, start requiring licences for compilers and IT people, restrict access to source code.
All this would be barely possible with hardware-based remote control of all new computers. In practice, it won't get to that stage, because the same sort of greed and corruption that enables this current power-grab also affects the economy, and it will collapse first.
[ link to this | view in thread ]
Re:
This sounds similar to the environment Richard Stallman foresaw fifteen years ago in his short story The Right to Read. The Free Software Foundation is committed to never letting a future like that come about.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: It's a herring.
[ link to this | view in thread ]
Re: Re: Re: It's a herring.
[ link to this | view in thread ]
Competency
Tell ya what: let them learn how to open and read their email and then we'll let them have those keys. I bet not one in 10 of those people can even decipher most of their emails and they want what power?
Next up: the Thought Police-wanting to know what you're thinking before you know it.
Besides, isn't this the FBI which is responsible for busting more people in entrapment? Why make it easier for them to do that with?
[ link to this | view in thread ]
Re: Re: These will never be found by hackers
[ link to this | view in thread ]
Re: Re: Question
I would also visit a lot of sites that advocate for sane government and protecting our civil rights, so they may at least think about it more.
[ link to this | view in thread ]
Re: Re: Re: These will never be found by hackers
[ link to this | view in thread ]
[ link to this | view in thread ]