US Attorney Suggests Solution To Open Source Encryption: Ban Importation Of Open Source Encryption

from the bangs-head-on-desk dept

Is it really that hard to expect officials representing law enforcement to understand basic concepts? Earlier this week, University of Michigan hosted a debate on the whole "going dark/encryption" fight with the EFF's Nate Cardozo (disclaimer: he has represented us on certain legal issues) and US Attorney for the Eastern District of Michigan Barbara McQuade. While the event was filmed and livestreamed, as I type this, they don't appear to have posted a recorded version. However, it appears that Cardozo (not surprisingly) raised a key point that has been raised many times before: a US law against allowing unbroken encryption would have little impact on bad people using encryption, since there are many open source and non-US encryption products worldwide. But McQuade had a response to that... and it was kind of insane:
If you can't read that, she said: "I think it would be reasonable to ban the import of open-source encryption software." This is idiotic on any number of levels, and that an actual representative of law enforcement would make such a claim is immensely troubling and raises serious questions about the competency of the US Attorney's Office in Eastern Michigan.

First off, the Open Technology Institute released a paper late last year showing that there was a ton of both open source and foreign encryption products that weren't subject to US regulations. Another paper, released earlier this year by the Berkman Center and written by Bruce Schneier (along with Kathleen Seidel and Saranya Vijayakumar), found that there were 865 encryption products from 55 different countries on the market when they wrote the paper (it could be more by now), with 546 of those from outside the US. In other words, there are a lot of these kinds of products. So, at the very least, they'd be used by people outside of the US.

But, more to the point, a ban on importing them? We already had that legal fight, though back then it was on the question of exporting encryption. In Bernstein v. the US Department of Justice, the government sought to block Daniel Bernstein from publishing his algorithm for his Snuffle encryption system, saying it violated export laws related to exporting weapons. Eventually, the 9th Circuit ruled that software source code was speech protected by the First Amendment and any regulations preventing publication would be unconstitutional.

So, for McQuade's "simple" solution to take hold, we'd have to first ignore the First Amendment and a ruling directly on point to the issue she thinks is an easy solution. To be clear, the court's ruling stated:
In light of these considerations, we conclude that encryption software, in its source code form and as employed by those in the field of cryptography, must be viewed as expressive for First Amendment purposes, and thus is entitled to the protections of the prior restraint doctrine.   If the government required that mathematicians obtain a prepublication license prior to publishing material that included mathematical equations, we have no doubt that such a regime would be subject to scrutiny as a prior restraint.   The availability of alternate means of expression, moreover, does not diminish the censorial power of such a restraint-that Adam Smith wrote Wealth of Nations without resorting to equations or graphs surely would not justify governmental prepublication review of economics literature that contain these modes of expression.
While it's true this technically only applies in the 9th Circuit (and McQuade's district is outside of that circuit), it's not like there's a competing ruling in another district and the ruling here would be a difficult one to overcome.

Second, even if she could get past it, it would be pointless and useless. At least in the Bernstein case, the argument would be to try to block an American citizen from publishing the content -- an "export" ban. An "import" ban would be an order of magnitude more futile, because anyone outside the US publishing such open source code would not be covered by US regulations, so they couldn't be blocked from doing anything by a US court. So then any "import" ban would come down to someone being forced to magically comb the entire global internet and make sure no one from the US could ever see or find that code -- which, of course, would bring us right back to questions of prior restraint and the First Amendment.

There may be reasonable arguments to be made about encryption and its impact on law enforcement, but if the argument includes such inane ideas as banning the import of strong encryption, it's difficult to take the speaker seriously, or to conclude that they have any useful or competent knowledge on the subject at all.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: banning encryption, barbara mcquade, encryption, free speech, going dark, import ban, open source encryption


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    techflaws (profile), 14 Apr 2016 @ 10:41am

    An "import" ban would be an order of magnitude more futile, because anyone outside the US publishing such open source code would not be covered by US regulations, so they couldn't be blocked from doing anything by a US court.

    Not for lack of trying. See DVDfab and Slyfox.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:42am

    At least...

    We don't even pretend that liberty or privacy or rights is something America once stood for.

    Now it's just... a race to the bottom of who can get to have what when we say they can. Apparently with complete support of "The People" too!

    link to this | view in thread ]

  3. identicon
    Doug D, 14 Apr 2016 @ 10:44am

    if this goes anywhere...

    If this (or similar legislation) goes anywhere, I predict a surge in work on open source steganography.

    "What encrypted messages are you talking about? I'm just posting Fistogram pictures of my lunch!"

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:46am

    Somebody should explain to him that encryption is just mathematics and banning encryption is a little like legislating the value of pi. I believe Indiana has experience with this.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:48am

    US Attorney Barbara L. McQuade

    Meet the U.S. Attorney:   Barbara L. McQuade, U.S. Attorney
    Barbara L. McQuade is the U.S. Attorney for the Eastern District of Michigan. She was appointed by President Barack Obama. . . .

    McQuade serves on the Attorney General’s Advisory Committee, and serves as co-chair of the Terrorism and National Security Subcommittee. She also serves on subcommittees addressing civil rights and border security. . . .
    (Via Wikipedia.)

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:48am

    "I think it would be reasonable to ban the import of open-source encryption software."

    At least king Canute knew what he was doing when he told the wave to halt.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:53am

    Re: US Attorney Barbara L. McQuade

    Sounds like that bitch has NO BUSINESS serving on a subcommittee addressing civil rights.

    I nominate this as hiring the next Dingo as your Babysitter!

    Get on it John Oliver!

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:54am

    Re:

    … encryption is just mathematics…
    The political animals who become U.S. attorneys just don't like math.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:55am

    Playing Devil's Advocate by channeling John Yoo...

    While a ban on exportation of software code would be a violation of the first amendment, a ban on the importation of software would not unless it happened to be written by a US citizen abroad since first amendment rights only apply to citizens and others within this country.

    link to this | view in thread ]

  10. icon
    Groaker (profile), 14 Apr 2016 @ 10:56am

    Why do so many attorneys and politicians believe that they know more about every intellectual discipline than people who specialize in those fields? There are about a million attorneys in the US -- they can't all be polymaths.

    I watched this ego transformation in my sister who obtained a JD at Yale in her mid 30's -- presumably old enough to have a relatively stable personality. I also saw it occur in individuals who went straight to law school after their BA.

    link to this | view in thread ]

  11. icon
    Nathan F (profile), 14 Apr 2016 @ 10:58am

    Ah but don't you see. If they ban the importing of open source encryption then US Citizens would have no other choice but to use encryption that has been made in the US.. and has those wonderful back doors that others in the government insist need to be there to make us more secure.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:58am

    Barbara L. McQuade... so stupid she is quality politician material.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:00am

    Actually, an import ban wouldn't be *that* difficult to enforce.

    All you would need to do is sever all communications with the rest of the world, prevent anyone from entering or leaving the US (or at least, entering - if they want to leave they obviously don't deserve to return) and cease all trade of any kind. It wouldn't only prevent the import of encryption software, it would also go a long way to shutting Bernie up... And just think of the fugitives who would no longer be able to evade justice (well, the law or what passes for it in enforcement and prosecution minds...). A law and order utopia!

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:02am

    No Problem

    So, for McQuade's "simple" solution to take hold, we'd have to first ignore the First Amendment

    Just say the magic words: NATIONAL SECURITY. Poof! No problem. Nothing in The Constitution can withstand that!

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:04am

    Re: Re:

    The political animals who become U.S. attorneys just don't like math.

    That's because they're not very good at it and they resent those who are.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:09am

    Re: Playing Devil's Advocate by channeling John Yoo...

    Stanley v Georgia (1969)
    It is now well established that the Constitution protects the right to receive information and ideas. "This freedom [of speech and press] . . . necessarily protects the right to receive . . . ." This right to receive information and ideas, regardless of their social worth is fundamental to our free society.
    (Citations omitted.)

    Expanding the quote-in-blockquote above which contains ellipses—

    Martin v City of Struthers (1943)
    The right of freedom of speech and press has broad scope. The authors of the First Amendment knew that novel and unconventional ideas might disturb the complacent, but they chose to encourage a freedom which they believed essential if vigorous enlightenment was ever to triumph over slothful ignorance. and necessarily protects the right to receive it.
    (Footnote and citation omitted.)

    link to this | view in thread ]

  17. identicon
    SpaceLifeForm, 14 Apr 2016 @ 11:11am

    Fascists are "all in"

    If you did not see this coming,
    you have not been paying attention.
    For decades.

    It is all about attacking FLOSS.

    If all software is super-duper secret,
    then all backdoors will exist for the
    fascists.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:14am

    Re: Re: Re:

    So... their equation must be...

    Law = Rights * 0

    link to this | view in thread ]

  19. icon
    Jeremy Lyman (profile), 14 Apr 2016 @ 11:18am

    Re:

    Certainly if the brightest minds in Silicon Valley just focus their magic abilities we can rid this fair land from the scourge of pi.

    Brilliant! We could solve all kinds of problems just by banning them.
    Chinese air pollution? Banned.
    Rising sea-level? Banned.
    Poor folks? Banned.
    Illegal Drugs? Double banned!
    Morons in positions of authority? Whoops, never-mind that one.

    link to this | view in thread ]

  20. identicon
    ssorrrell, 14 Apr 2016 @ 11:18am

    What If Encryption Does Equal Weapons

    The government has equated encryption to weapons. Doesn't that bring the 2nd Amendment into play for American citizens? Under this line of reason, which the Feds have been following for years, the 2nd Amendment might read, "..right of the people to keep and bear Encryption, shall not be infringed"

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:21am

    Re: What If Encryption Does Equal Weapons

    2nd amendment is dead and has been for some time now. Only the people with money can afford to challenge the system enough to keep their weapons.

    Police can arrest you for anything and fuck your life over and you do not even need to go to court or be convicted by judge or jury for that to happen.

    link to this | view in thread ]

  22. icon
    Chris-Mouse (profile), 14 Apr 2016 @ 11:22am

    So then any "import" ban would come down to someone being forced to magically comb the entire global internet and make sure no one from the US could ever see or find that code

    You sir have discovered the whole purpose of the bill. To give the government justification for snooping on all in ternet traffic.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:25am

    Re: Re: Playing Devil's Advocate by channeling John Yoo...

    VA Pharmacy Board v VA Consumer Council (1976)
    Freedom of speech presupposes a willing speaker. But where a speaker exists, as is the case here, the protection afforded is to the communication, to its source and to its recipients both. This is clear from the decided cases. In Lamont v. Postmaster General (1965), the Court upheld the First Amendment rights of citizens to receive political publications sent from abroad. More recently, in Kleindienst v. Mandel (1972), we acknowledged that this Court has referred to a First Amendment right to “receive information and ideas,” and that freedom of speech “ ‘necessarily protects the right to receive.’ ”
    (Footnote and pincites omitted)

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:27am

    This is a great idea. AFTER a terrorist kills a bunch of people, if they even bothered to use encryption, we can add import of non-US(broken) encryption to the list of charges. The more you can charge someone with the better right?

    link to this | view in thread ]

  25. identicon
    Aussie Anon, 14 Apr 2016 @ 11:34am

    Re: Re: US Attorney Barbara L. McQuade

    "I call Dingo! I call Dingo!" XD

    link to this | view in thread ]

  26. icon
    Adam (profile), 14 Apr 2016 @ 11:36am

    Hmm.

    What if the source was, say, encrypted, how would they know it's open source or a jpg of cats napping? daf

    link to this | view in thread ]

  27. icon
    ECA (profile), 14 Apr 2016 @ 11:42am

    Turning the USA into a global market

    Can someone ask..
    When did these folks get out of there Gold and Glass houses..LAST..
    Were these folks all born and raised, and STILL living in the Florida everglades??
    Can someone ask these folks to come DOWN off their HIGH mountain, and learn the language??
    Please open the WINDOWS and get some fresh air into their heads...That helium is getting abit THICK..

    Encryption/data compression is in Every Facet, of our lives.. From your CD/DVD/BR to Phones, data communications, Drones, DRM, computer programs, Car computers....
    This is like having a police force that only speaks Turkish, and everyone has to change How they speak, because they cant understand it..we need SMARTER COPS..

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:46am

    I guess I'm confused. Does this mean they want to ban the importation of 0s and 1s? Won't that then cause a problem with all those wire transfers of foreign donations to superPACs?

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 14 Apr 2016 @ 11:48am

    Encryption for some, miniature American flags for others.

    We already have a sitting President and current Presidential candidates casting the encryption issue as "selfish privacy supporters"* vs. "true patriots." Why expect more wisdom or education from those in lesser offices, regardless of the branch of government? As far down the food chain as McQuade is, be thankful she doesn't want to outlaw electricity and promote leechcraft.

    * Those whose antisocial, individual and greedy corporate choices impede policing of drug-crime, pedophilia, terrorism, serial murder, etc.

    link to this | view in thread ]

  30. identicon
    Median Wilfred, 14 Apr 2016 @ 12:01pm

    Re: if this goes anywhere...

    That surge might happen, but it won't happen in the USA. The Feds will start "certifying" all programmers, and licensing all programming shops, which will be all -Windows or all-Mac, because no Open Source! As soon as Law "Enforcement" figures out that they've driven cryptography into steganographic GIFs, they'll start banning image files that aren't of an appropriate type, and they'll have Imgur and YouTube run some kind of ContentId thing that monitors for possible stego in the images or videos.

    This is all part of the "Logic of Surveillance"

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 14 Apr 2016 @ 12:08pm

    So if someone were to take the text of the US Constitution and encrypt it with no back door...it would be an illegal Constitution?

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 14 Apr 2016 @ 12:15pm

    "If you can't read that, she said: "I think it would be reasonable to ban the import of open-source encryption software.""

    Well in that case every country in the world should ban the import of all US open-source encryption software on the basis that the software could have a (hidden) backdoor in it that was put in place by the likes of the FBI/NSA or other US agency that does spying!

    link to this | view in thread ]

  33. icon
    jubjub (profile), 14 Apr 2016 @ 12:32pm

    Re:

    Nathan F is completely on point. It isn't about legislating math-it is about making possession of that math in certain forms illegal. Those in power are painting encryption with a similar brush to nuclear technology. For instance the physics of nuclear technology is just math but that doesn't make it ok to post detailed equations on how to make it work in any detailed way. And I think most of us are fine with that.

    Here is how I see it could play out.

    1) Make any encryption w/o a backdoor for LE illegal.
    2) Have Apple/Google/MS/Etc... refuse to sign any applications that contain illegal content (which is in place today).
    3) Make creation/possession of non-compliant encryption tools a crime.
    4) Next step would be work closely between companies and govt. to monitor for devices out of compliance (jailbreak phones are now really incriminating). Jailbreak a phone, get put on the no-fly list.

    The part that slays me about this debate is our lead in technology and the jobs/GDP it creates is staggering and right where we need to be to have a successful century as a nation. For anyone to be saying that we need to gut that business by backdooring everything for all international sales is just short sighted as hell.

    The reality is the meta-data plus zero day exploits should be plenty for LE in the foreseeable future to find and convict evil-doers.

    link to this | view in thread ]

  34. icon
    David Svarrer (profile), 14 Apr 2016 @ 12:34pm

    Banning Open Source Encryption, haaaaaa ha ha ha ha

    I am having almost cramps in my stomach about the candidates to the Einstein prize.

    BANNING OPEN SOURCE ENCRYPTION.

    Haaaaa ha ha ha ha ha ah ha ha aaaaaahhh.

    First of all - ha ha - you have to find out if the ban should deal with IMPORT or EXPORT of open source.

    EITHER of these options would mean that the believers in this, believes that the OPEN SOURCE ENCRYPTION is located EITHER on the INSIDE of the USA or on the OUTSIDE of the USA.

    Also, depending on where it is, one want encryption banned, one must also assume that there are nobody on the "affected" side with the desired "deficiency" of encryption, who has the brain to encrypt.

    Oh haaaaaa ha ha ha ha ha ha...

    LONG was Professor Oommens face (from Canada), when he had created the worlds best encryption algorithm, and he spent thousands of dollars getting export permission for it, ha ha ha ha, then I pointed out, that he had de facto (ipso facto even) exported it.

    Oommen felt very offended, and even pushed his stupid lawyer on me, who threatened me with law-suits etc., for insulting him. (There went that friendship)...

    However, he exported it, as he had patented it. 21 months after patenting - it is being published. So, the world had it, via his patent registration. VOILA.

    And, Anonymous Coward, I think we would add to the list of what should be banned, to make it even longer than what the Taliban's banned to make ban of open source encryption workable.

    (Are they called Taliban, because of that they have banned Tali - and does Tali mean: "The whole world" ??)

    Even before computers, we had such advanced encryption algorithms, so that these were practically unbreakable.

    Even the Caesar Cipher was a pretty good transposition cipher, ...

    OOOpppps. We forgot - we would also ban mathematics in schools, and ban political learning. Ban the idea that something is right or wrong. (We are slowly descending to Maoist China in the 1920's)...

    And if now someone by mistake should begin to utter words which could direct someone to think that we need something which can disguise communication, then decapitate them...

    We have now joined Stalin Russia ...

    Finally we need to have a thought police, which can do early identification of wrong thoughts and deviating thinking, and eliminate those. This is now a mix of George Orwells 1984, Stasi and a communist implementation we saw in the 1970's in Denmark, called "Tvind Skolen" - the school named Tvind.

    Hilarious. Simly Hilarious. Not that I don't like Hilary or want him involved...

    Today I have laughed :-)

    My 1 Dollar

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 14 Apr 2016 @ 12:39pm

    so every time I apt-get upgrade i'll be breaking the law?

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 14 Apr 2016 @ 12:42pm

    Re: Re:

    the physics of nuclear technology is just math but that doesn't make it ok to post detailed equations on how to make it work
    O RLY?

    Wikipedia background on United States of America v. Progressive, Inc., Erwin Knoll, Samuel Day, Jr., and Howard Morland (W.D. Wis. 1979)
    Legacy

     . . . From a legal standpoint, the case "proved to be a victory for no one", due to the indecisive nature of its conclusion. Yet it remains a celebrated case nonetheless. In 2004, the 25th anniversary of the decision was commemorated with an academic conference at the Benjamin N. Cardozo School of Law, attended by many of the participants, at which papers were presented. Law students still study the case, which "could have been a law school hypothetical designed to test the limits of the presumption of unconstitutionality attached to prior restraints."
    (Footnotes omitted.)

    link to this | view in thread ]

  37. icon
    afn29129 (profile), 14 Apr 2016 @ 12:48pm

    Still imcomplete....

    This doesn't cover software that has already been imported (or sourced domestically). It's way way way too late to stuff this genie back into it's bottle.

    Actually whole-disc encryption has been readily available for about 22 years now (that's Windows 3.0 era).

    SFS (Secure File System) for Win 3.0,3.1 3.11wfw, and DOS. Written in New Zealand.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 14 Apr 2016 @ 12:53pm

    If this bill passes next we need a law which mandates the removal of all walls on houses to keep house interiors from going dark

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 14 Apr 2016 @ 1:00pm

    When this corruption and criminal malfeasance by the ruling class has finally been removed from the government we are going to run out of scaffolding at this rate. When it comes time to hang the traitors high.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 14 Apr 2016 @ 1:03pm

    Re: Actually, an import ban wouldn't be *that* difficult to enforce.

    Armed guards and concrete walls with barbed wire then? Maybe they can outsource to the people that brought us escape from new york.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 14 Apr 2016 @ 1:04pm

    Re: Re: What If Encryption Does Equal Weapons

    Thankfully a fair share of people that support the second amendment are willing to die standing up for their rights.

    I personally believe as long as there is a second amendment the 3rd world police state those in charge seem to desire for America's future will not come to pass.

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 14 Apr 2016 @ 1:06pm

    Re: Turning the USA into a global market

    smart hirees are turned away from becoming cops because "they would be bored with the policework" The police refuse to hire smart people. They want dumb loyal thugs.

    link to this | view in thread ]

  43. identicon
    David, 14 Apr 2016 @ 1:28pm

    Re: Actually, an import ban wouldn't be *that* difficult to enforce.

    See, I saw this highlighted posting and basically that's what I wanted to say:

    It's enough. I find I agree with Trump here: secure all borders, don't let the lunatics out, and route the Internet around the U.S. so that the NSA can use their facilities on the U.S. to their heart's content.

    This country had a good run with regard to liberty and decency, but if one wants to preserve the memory of that, one will do better never to hear from it again.

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 14 Apr 2016 @ 1:34pm

    Yeah, just ban it. 'Cause that worked so well for drugs and human trafficking. It's not like someone has to be duped into swallowing a condom full of encryption keys and hoping they don't bust mid-flight. Seriously, what are they thinking?

    link to this | view in thread ]

  45. icon
    John Fenderson (profile), 14 Apr 2016 @ 1:53pm

    Re: Re:

    "the physics of nuclear technology is just math but that doesn't make it ok to post detailed equations on how to make it work in any detailed way. "

    It's not only OK, you can easily find those detailed equations not only on the internet, but in any reasonably comprehensive public library.

    link to this | view in thread ]

  46. icon
    John Fenderson (profile), 14 Apr 2016 @ 1:58pm

    drug war

    Banning the importation or creation of encryption would be many orders of magnitude more difficult, expensive, intrusive -- and far less effective -- than the drug war. And we all know how well that works.

    link to this | view in thread ]

  47. identicon
    Anonymous Coward, 14 Apr 2016 @ 2:06pm

    All this tells me is they believe they already have a way into open source encryption. By limiting it to the US (as is their thought) they still get to see it all.

    While you can argue that open source is the ability to examine the code, how many of you can actually do that yourself without depending on someone else's expert opinion? Even here can you guarantee the compiler engine has not been already broken or some backdoor method put in it to take a look? Not to mention the problem that was exposed with the random number generator being anything but random thanks to the NSA, it's money, and influence.

    link to this | view in thread ]

  48. icon
    John Fenderson (profile), 14 Apr 2016 @ 2:24pm

    Re:

    "how many of you can actually do that yourself without depending on someone else's expert opinion?"

    I do.

    But crypto is a bit unique in that you can look at compromised crypto code all day long and not be able to see the compromise. Back doors are rarely explicitly coded, but usually take the form of a slight weakness introduced into the computations to make later cracking easier.

    Those computations are arcane and VERY easy to get wrong without noticing. Especially by people who are not experts in the mathematics of cryptography.

    link to this | view in thread ]

  49. identicon
    Anonymous Coward, 14 Apr 2016 @ 2:29pm

    Trump firewall when

    link to this | view in thread ]

  50. icon
    sigalrm (profile), 14 Apr 2016 @ 2:38pm

    Re:

    "Somebody should explain to him that encryption is just mathematics and banning encryption is a little like legislating the value of pi. I believe Indiana has experience with this."

    At last. A Plausible explanation for Common Core Math. Who new the US Government was capable of a long game?

    link to this | view in thread ]

  51. icon
    sigalrm (profile), 14 Apr 2016 @ 2:40pm

    Re: Re:

    *knew

    boy it'd be nice if we could edit comments :)

    link to this | view in thread ]

  52. icon
    sigalrm (profile), 14 Apr 2016 @ 2:42pm

    Re: Re: Re:

    Do you want to end up on a watch list? Because googling the physics of nuclear technology will get you put onto a watch list.

    link to this | view in thread ]

  53. identicon
    Anonymous Coward, 14 Apr 2016 @ 2:50pm

    Re:

    Ah; but they don't believe they know more... they've just learned (in school) that they have to project total knowledge in order to *win*. Confidence convinces people.

    link to this | view in thread ]

  54. identicon
    Anonymous Coward, 14 Apr 2016 @ 2:51pm

    Re: Re: Re: Re:

    … googling the physics of nuclear technology will get you put onto a watch list.
    DuckDuckGo: physics of nuclear technology <<< WARNING!   DANGERGOUS LINK!   CAUTION!   WATCH OUT!

    Click if you dare.

    link to this | view in thread ]

  55. icon
    David Svarrer (profile), 14 Apr 2016 @ 2:58pm

    Googling the physics of nuclear technology will get you put onto a watch list

    Dear Sigalrm,

    The problem studying nuclear technology is not so much the watch list, but the problem that someone who may be interested in making bombs could be studying what you study.

    As someone else wrote, everything needed is on the internet. Besides which, it is not very interesting to study how to make nuclear bombs. It is MUCH more interesting to study, how we, by changes in the way we humans deal with each other, can change the world such that it does not need nuclear bombs.

    A nuclear bomb basically has very few problems to solve, and anyone can find all those on the internet too.

    However, making a nuclear bomb will not assist solving any of mankind's problems, which basically are of the nature of reducing our greed, and selfishness.

    Those who made nuclear weapon and the few who used them, have not solved any problems with those bombs...

    We have so many warheads, world wide, so we can blast the entire globe into an inferno of fire.

    Besides which, I would never think that anyone are so petty (or stupid), that they cannot see / look right through what you are doing in very few days..

    Some of the problems making a nuclear bomb are not related to the architecture, but to the fact that one needs some very pure Uranium 235 or 238.

    The very handling of this Uranium is very very difficult....

    What is your take?

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 14 Apr 2016 @ 3:07pm

    Re: Hmm.

    If they can't decrypt it, it's illegal.

    But that raises a really good point. If you can't import encryption, how are people in the US supposed to read the encrypted files sent to them by non-USians?

    Linux distributions use GPG (currently maintained in Europe) to manage and validate packages. This means that if importing was banned, any Linux distro based on Debian (such as Ubuntu) and even RedHat (CentOS) would effectively be banned in the US.

    link to this | view in thread ]

  57. identicon
    Anonymous Coward, 14 Apr 2016 @ 3:09pm

    Re: Re: if this goes anywhere...

    They will try, at least.

    They have yet to prevent themselves from being hacked.

    Plus they have to stop using 1234 as passwords.

    link to this | view in thread ]

  58. identicon
    Anonymous Coward, 14 Apr 2016 @ 3:10pm

    Re: Re: Turning the USA into a global market

    The last thing you want is someone with the authority to enforce the law and the brain to know how to exploit it.

    That also explains politicians.

    link to this | view in thread ]

  59. identicon
    joat, 14 Apr 2016 @ 3:22pm

    In other news...

    The DOJ has decided to ban all languages except English since most officers of the law only understands English. This also means that if you speak a second language and try to travel to the US you will be denied entrance (editor note: if you want to travel the US and gain entry just don't tick the box that you are bi- or multilingual on the customs entrance form).

    Mr. Sean Thomas Upid Esq. of the DOJ explained that this will make the American people safe and the US great again since this will stop all terrorists entering the country.

    Mr. Trump welcomed the news and commented that all the murderers and rapist wouldn't be able to cross the border either now so there wouldn't be a need for a wall any longer.

    link to this | view in thread ]

  60. identicon
    Anonymous Coward, 14 Apr 2016 @ 4:18pm

    Re: Re: Hmm.

    "If you can't import encryption, how are people in the US supposed to read the encrypted files sent to them by non-USians?"

    Simples. Ms McQuade thinks open-source software is the problem. Import closed-source software and everything will be fine.

    ps If you want to receive anything from non-USians, you are automatically suspect and watchlists exist just for such un-American traitors. So there's that.

    link to this | view in thread ]

  61. identicon
    web invader, 14 Apr 2016 @ 4:47pm

    encrypion

    ssad thing they call encryption dark stuff for olice feds goverments sad thing now trying catch up warn veybody bad things about big ECR thing but used in banks stuff ans other take granted sad thing fed should get ahead and stat understanding encrytion or fight going messy bloody thing what code is used like driving a car and do you think spies and drug runners and terriorst will not use next thing fight and defeat next thing u need understand it to fight it use it for good

    link to this | view in thread ]

  62. icon
    Feldie47 (profile), 14 Apr 2016 @ 5:16pm

    Just like the old days

    This is just like the old days when they banned Fannie Hill and Henry Miller's works. Every kid managed to somehow get a copy and trade it. That was 60 years ago. No internet, no globalization, just pure motivation.

    Don't these people ever realize that censorship - of anything - just never works. It just makes people more curious than ever.

    People who don't give encryption a second thought will then give it a third and a fourth. They'll probably use it for the thrill.

    link to this | view in thread ]

  63. identicon
    Anonymous Coward, 14 Apr 2016 @ 5:25pm

    Re: Re:

    Getting rid of π is easy peasy, just use τ instead.

    The Tau Manifesto

    link to this | view in thread ]

  64. identicon
    Anonymous Coward, 14 Apr 2016 @ 5:35pm

    Re: Googling the physics of nuclear technology will get you put onto a watch list

    We have so many warheads, world wide, so we can blast the entire globe into an inferno of fire.
    And the only effect on global sea-level change will be to reduce the sea-level in the consequential nuclear winter.

    Hey that's an idea, let's detonate the entire worldwide nuclear arsenal and permanently solve the sea-level rise problem.

    link to this | view in thread ]

  65. identicon
    Anonymous Coward, 14 Apr 2016 @ 5:50pm

    Next up .. whispering will be outlawed.

    link to this | view in thread ]

  66. identicon
    Xpectant Mommies little monster, 14 Apr 2016 @ 6:15pm

    There is only one endgame

    Total servaillance all the time, monitoring of your email, SMS, Calls, Web, All cameras.. because if not there is going to be another 9/11 I don't understand why no one understands this , If I cannot see you masterbate, people funded by the US government, trained by the US government, living with Agents of the US govenment would will be able to kill 3000 people.

    link to this | view in thread ]

  67. identicon
    Anonymous Coward, 14 Apr 2016 @ 7:24pm

    Might as well just make it illegal to write words.

    It would be just as effective.

    link to this | view in thread ]

  68. identicon
    Anonymous Coward, 14 Apr 2016 @ 9:14pm

    Re: drug war

    Banning the importation or creation of encryption would be many orders of magnitude more difficult, expensive, intrusive -- and far less effective -- than the drug war.

    Even more money to made/wasted by law enforcement than in the drug war? No wonder they want it.

    link to this | view in thread ]

  69. identicon
    Allan Savolainen, 14 Apr 2016 @ 10:17pm

    Re: Playing Devil's Advocate by channeling John Yoo...

    Hmm, exporting strong crypto has been banned in the past, so I think it could be banned in the future too.

    link to this | view in thread ]

  70. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:42pm

    Utopia, is it?

    When you have at least one present working example?

    link to this | view in thread ]

  71. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:57pm

    Re: Re: Actually, an import ban wouldn't be *that* difficult to enforce.

    Be curious how many smaller countries America will be split into when the populace revolts again, or if they people will be able to reform their corrupt system into a single country for the people again.

    link to this | view in thread ]

  72. identicon
    Anonymous Coward, 14 Apr 2016 @ 10:58pm

    Re: Re: Re: Re:

    posting on this site and sites like it that display government wrongdoing will get you on that same list.

    If you are not blindly loyal you might be a threat.

    link to this | view in thread ]

  73. icon
    David Svarrer (profile), 15 Apr 2016 @ 12:16am

    Re: Hmm. Cats napping or "engrypted griminal dingz"

    Yes, you really have a point. And do you remember this "paradogma" which has almost become a mantra amongst cryptographers, "that your encryption algorithm is not really strong if it cannot be published and still stand against attacks"

    The place where I stand is very simple: If I can produce a ciphertext which can be read in the other intended end, then whether or not the algorithm is in public or not, it works.

    If I was a codebreaker, and I received a picture of a beautiful meadow, and the lowest bit of every 30th blue colour code was a bit of a message, and the message was on top of that encrypted with a non published, hard encryption, leaving a stronger randomness of the cipher code than even Fips-140 ii, ha ha ha ha, I would know that there is nothing I could do.

    Besides which, I would need to even know, that the picture has been steganografed... There are means for finding out, however, if the message is short, and the picture is big, then surely, even detecting that the picture is steganographed is not only uphill, its impossible.

    What worse is, if bits are straddled / striped, it may be possible to detect that its steganographed, but now the worst part is, that it is not possible, reversely, to detect if an 8 bit shade, 0xf4 of blue is actually part of the cipher or not part of the cipher.

    Thereby, gentlemen and ladies, I have by use of one, single example, proven, that the fear of NSA, FBI, CIA that they may come across (lots of) encryption which they can not break is true.

    Furthermore, if these same good agencies want to still be funded, they need then to realize that fact.

    Further, they would need to use same methods themselves, which brings them at par with the criminals where communication is concerned.

    Furthermore, these good agencies, will then devise new (or old) methods to intercept the criminal communication. And they would - as it was in the old days - need permission, and never seek it - and do their job, and the universe would now be able to continue unfolding as universes are supposed to unfold.

    And in that reality scenario, no, one would not know if an encrypted file would contain cats napping, or cats napping plus plus :-)

    My 1 Dollar (decrypted)

    link to this | view in thread ]

  74. identicon
    Anonymous Coward, 15 Apr 2016 @ 1:00am

    Re: In other news...

    might not be long before mexico and Canada put up walls of their own to try and contain the madness

    link to this | view in thread ]

  75. icon
    That One Guy (profile), 15 Apr 2016 @ 4:37am

    Re: Re:

    Oh they like some math, they absolutely love adding up how much people and companies have given them and seeing how much it comes out to.

    link to this | view in thread ]

  76. identicon
    Aussie Anon, 15 Apr 2016 @ 5:47am

    Re: Re: Re:

    Using 2π in your calculations anywhere? Forget that and use (1)τ instead! XD

    link to this | view in thread ]

  77. identicon
    Lewis V, 15 Apr 2016 @ 6:44am

    McQuade: "I think it would be reasonable to ban the import of open-source encryption software"

    Stupid is, as stupid does.

    link to this | view in thread ]

  78. identicon
    PRMan, 15 Apr 2016 @ 8:03am

    Re: Re: Re: if this goes anywhere...

    They'll just ban anyone who hacks their convenient 1234 password...

    link to this | view in thread ]

  79. identicon
    PRMan, 15 Apr 2016 @ 8:03am

    Re: Re: Re: Re: if this goes anywhere...

    (And before you think I am joking, isn't this EXACTLY what we have with DVDs right now?)

    link to this | view in thread ]

  80. identicon
    Anonymous Coward, 15 Apr 2016 @ 9:04am

    The video recording has now been posted here:

    http://safecomputing.umich.edu/events/dissonance-series/

    link to this | view in thread ]

  81. identicon
    FD6, 15 Apr 2016 @ 10:40am

    PRIVACY ANNIHILATED

    Indicator of a real intent at privacy annihilation. They mean to do it.

    link to this | view in thread ]

  82. identicon
    Anonymous Coward, 15 Apr 2016 @ 11:48am

    btw - if you only have a few minutes to watch the video, I think 55:08 to 57:55 includes the question & comments about which this post was written

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.