Putin Says All Encryption Must Be Backdoored In Two Weeks

from the make-it-snappy dept

Fri, Jul 8th 2016 10:42am — Mike Masnick

A few weeks ago, we wrote about the push by the Russian Duma to pass a massive new surveillance bill that would mandate backdoors to encryption as well as massive data retention requirements for service providers, including saying that they need to store recordings of phone calls. As you may have heard, earlier this week, Russian President Vladimir Putin signed the bill into law. And apparently to prove that he's serious about all of this, Putin has also signed an executive order telling the FSB (the modern version of the KGB) to make sure it gets encryption keys to unlock everything within the next two weeks.

After signing controversial anti-terrorist legislation earlier today, President Putin ordered the Federal Security Service (the FSB, the post-Soviet successor to the KGB) to produce encryption keys to decrypt all data on the Internet. According to the executive order, the FSB has two weeks to do it. Responsibility for carrying out Putin's instructions falls on Alexander Bortnikov, the head of the FSB.

As the article notes, there's a lot of uncertainty here, because in many cases, when things are encrypted locally or where there are private keys, there isn't any way for service providers to turn over any keys.

What happens next is a little unclear. But it seems likely that the Russian government will use this to attack certain encrypted communications services, and potentially block and/or fine them for failing to comply with the new law. There has been a lot of talk about how Ed Snowden has been speaking out against this law, as he should. Considering that he uses a number of different encryption systems to communicate with the world, this law puts him very directly in danger. But it also puts lots of other people at risk as well. As we've been pointing out for a while, encryption does much more to protect everyday citizens than it does to hide the communications of "terrorists." Undermining that puts a lot more people at risk of people hacking into their stuff than being a victim of a terrorist attack.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, data retention, ed snowden, encryption, fsb, mass surveillance, russia, surveillance, vladimir putin

63 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Baron von Robber, 8 Jul 2016 @ 10:49am

This will make the NSA's job much easier.....along with the rest of the world.

Dear Congress critters,
[ link to this | view in chronology ]
John Fenderson (profile), 8 Jul 2016 @ 10:49am

As the old adage goes...
Nothing is impossible for the person who doesn't have to do it.
[ link to this | view in chronology ]
- Ninja (profile), 8 Jul 2016 @ 10:53am
  
  Re: As the old adage goes...
  In Soviet Russia...
  [ link to this | view in chronology ]
  - Anonymous Coward, 8 Jul 2016 @ 11:35am
    
    Re: Re: As the old adage goes...
    ...encryption backdoors you!
    [ link to this | view in chronology ]
    - Yakko Warner (profile), 8 Jul 2016 @ 11:57am
      
      Re: Re: Re: As the old adage goes...
      The Russian people are getting "backdoored", all right....
      [ link to this | view in chronology ]
      - Anonymous Coward, 9 Jul 2016 @ 7:40am
        
        Re: Re: Re: Re: As the old adage goes...
        .. and everyone else is in Shangri-La.
        [ link to this | view in chronology ]
Ninja (profile), 8 Jul 2016 @ 10:50am

Oh, so Russia decided to commit digital suicide before the US. Let's see if the Russian tech companies will start relocating. Meanwhile let's avoid Russian software, shall we?
[ link to this | view in chronology ]
- John Fenderson (profile), 8 Jul 2016 @ 11:56am
  
  Re:
  To be honest, if the choice is going to be between using crypto that the Russian (or Chinese, etc.) government can break and crypto the US government can break, I'd lean toward the Russian.
  [ link to this | view in chronology ]
  - Kal Zekdor (profile), 8 Jul 2016 @ 12:33pm
    
    Re: Re:
    If we're just talking about government officials... sure. But Russian officials are a notoriously corrupt lot. I don't doubt that a number of those encryption keys will end up making their way to the black market.
    [ link to this | view in chronology ]
    - Ninja (profile), 8 Jul 2016 @ 1:17pm
      
      Re: Re: Re:
      At least corruption is more visible there, no? Or do they call it lobby too?
      [ link to this | view in chronology ]
    - John Fenderson (profile), 8 Jul 2016 @ 1:57pm
      
      Re: Re: Re:
      That's no different than how it would be if the US had them.
      [ link to this | view in chronology ]
  - Anonymous Coward, 9 Jul 2016 @ 7:42am
    
    Re: Re:
    AFAIK, backdoors are equal opportunity exploiters.
    [ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 1:07pm
  
  Re:
  LMAO DId you miss edward snowden this is already happening in the US
  [ link to this | view in chronology ]
Matthew Cline (profile), 8 Jul 2016 @ 10:55am

Oh, Russian shills...
Won't you come out to play?
[ link to this | view in chronology ]
Uriel-238 (profile), 8 Jul 2016 @ 10:55am

Let's also see what new forms of Steganographic crypto appear in response.
If plausible deniability encryption starts becoming public and popular in response to this then it means we in the US will be prepared when our government makes the same mistake.

In the meantime, the people of Russia are about to get way more vulnerable to hackers, state-endorsed or otherwise.
[ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 10:56am

What is it about politics that give politicians such delusions?
[ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 11:41am
  
  Re:
  dopamine
  [ link to this | view in chronology ]
- That One Guy (profile), 8 Jul 2016 @ 7:52pm
  
  Re:
  Massive amounts of power, the ability to order people to do something without actually having to know whether or not it's even feasible to do, little to no accountability...
  [ link to this | view in chronology ]
- Anonymous Coward, 9 Jul 2016 @ 8:09am
  
  Re:
  The system we have today, in the past, and no doubt long into the future
  [ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 10:59am

In a related story...
Alexander Bortnikov, ex-head of the FSB, appealed to the European Union for political asylum.
[ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 11:24am
  
  Re: In a related story...
  I think that Alexander Bortnikov has asked Snowden if he has a spare bedroom to rent.
  [ link to this | view in chronology ]
  - Uriel-238 (profile), 8 Jul 2016 @ 11:48am
    
    Re: Re: In a related story...
    Bortnikov assassinated by polonium-210 poisoning (unwittingly irradiating everyone he knows in the meantime) in 3...2...1...
    [ link to this | view in chronology ]
afn29129 (profile), 8 Jul 2016 @ 11:06am

Not all all unexpected
This really isn't all that unexpected 'cause Putin has been behaving like a despot for quite a while now.
[ link to this | view in chronology ]
Rapnel (profile), 8 Jul 2016 @ 11:08am

Sorry, haven't quite read the piece yet, but....

Ahhhh-hah-hah-hah-hah-hah-haaah-ha-heh-hoo-hoo-hehh. gasp.

omfg, it hurts a little..
[ link to this | view in chronology ]
Pixelation, 8 Jul 2016 @ 11:35am

Well...
I think that Putin should be backdoored. Oh, wait...
[ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 11:38am

once a spy, always a spy
Since Putin -- a spy by trade -- spent years running the world's second largest spy agency, is it really a surprise that he might tend to view government spying as a good thing?

The NSA or CIA might not be the only ones to plant backdoors in open source encryption. A rather high proportion of the world's crypographic experts are Russian. The RSA debacle might not be unique.
[ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 11:49am

disgraceful and should be condemned but is it so different from what is wanted in the USA, in the UK and many other so-called democratic countries? no! it fucking isn't! that's why those who want to do it are removing democracy for good and those who dont want it are condemned as being backers of terrorism! ridiculous!
[ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 1:11pm
  
  Re:
  if you listen to Snowden this has already happened in the USA
  [ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 2:16pm
  
  Re:
  Oh look the Russian backdoor troll squad finally showed up.
  [ link to this | view in chronology ]
crade (profile), 8 Jul 2016 @ 11:51am

At first I didn't think the U.S. could manage to 1984 the whole world, but with Putin's help they might just have a shot.
[ link to this | view in chronology ]
ECA (profile), 8 Jul 2016 @ 11:56am

mUSIC TO THAT??
Putin on the ritz??
[ link to this | view in chronology ]
- afn29129 (profile), 8 Jul 2016 @ 4:02pm
  
  Re: mUSIC TO THAT??
  Putin the the bathtub. Tiny Bubbles.
  [ link to this | view in chronology ]
Yakko Warner (profile), 8 Jul 2016 @ 12:01pm

Talk about a no-win scenario
President Putin ordered the Federal Security Service to produce encryption keys to decrypt all data on the Internet. According to the executive order, the FSB has two weeks to do it.

Decrypt all data on the Internet? The whole Internet?

Might as well order them to solve global warming and world peace while he's at it.
[ link to this | view in chronology ]
- yankinwaoz (profile), 8 Jul 2016 @ 4:01pm
  
  Re: Talk about a no-win scenario
  Thank you. I was wondering the same thing. Doesn't that mean that Russia wants access to my Gmail here in the US?
  
  I wonder of the FSB has presented Putin with an invoice for doing this massive job? Talk about unfunded directives!
  [ link to this | view in chronology ]
Peter (profile), 8 Jul 2016 @ 12:11pm

Backdoors and Payment Processing
I'm probably just ignorant on the subject but how is commerce supposed to work in a world where, effectively, all information is public to some entity? In addition, how about between two financial institutions. Seems like it would break down things in a very fundamental way in for Wall Street.
[ link to this | view in chronology ]
- Anonymous Coward, 10 Jul 2016 @ 7:32am
  
  Re: Backdoors and Payment Processing
  These back door schemes almost always have exceptions in the fine print for certain people. These certain people are usually the government itself and it's favorite partners (such as the banking industry).
  [ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 12:30pm

The solution...
Janek's black box.
[ link to this | view in chronology ]
- Uriel-238 (profile), 8 Jul 2016 @ 12:50pm
  
  Re: The solution...
  A quantum computer. We just need to make a true one.
  [ link to this | view in chronology ]
  - Baron von Robber, 8 Jul 2016 @ 1:15pm
    
    Re: Re: The solution...
    Quantum computers will be terrible for tech support.
    
    "Have you turn it off and on again at the same time without looking at it?"
    [ link to this | view in chronology ]
    - Ninja (profile), 8 Jul 2016 @ 1:22pm
      
      Re: Re: Re: The solution...
      "Man, I don't actually know if it's on or off. It seems there is a cat somewhere in the room though."
      
      Support guy: "O great, the cat."
      
      Schrodinger approves it!
      [ link to this | view in chronology ]
David, 8 Jul 2016 @ 12:54pm

When everyone's super, no one is!
This was asked once during a Congressional hearing I think. If {Company} is required to give a back-door key to the US Government, what if the Russia also required the back-door key? Now both countries have it, and neither (or no) country can trust it. RIP {Company A}.
[ link to this | view in chronology ]
Sargas, 8 Jul 2016 @ 1:08pm

Join the club.
The new legislation also violates Russian citizens' right to the privacy of correspondence, which is enshrined in Article 23 of the Constitution. In order to deprive Russians of this right, police need a court order. The “Yarovaya legislation,” however, grants law-enforcement agencies access to everyone's messages without any judicial oversight. [link]

Seems like Putin and the FSB are one the came page as Obama and the FBI.
[ link to this | view in chronology ]
- Anonymous Coward, 8 Jul 2016 @ 7:29pm
  
  Re: Join the club.
  Putin will just set up a FISA to OK the authority. Hmmm.. where would THAT idea come from?
  [ link to this | view in chronology ]
Aaron Walkhouse (profile), 8 Jul 2016 @ 3:42pm

This is obviously not an attack on encryption.
Alexander Bortnikov is simply being fired. ‌ It is obvious
that Putin's order is impossible to carry out and I'm sure
he doesn't care that everyone knows it.
[ link to this | view in chronology ]
- Uriel-238 (profile), 8 Jul 2016 @ 3:57pm
  
  Evil Overlord Minimum Standards of Conduct.
  One does not simply get fired by Putin.
  
  When Putin fires someone, Mr. Bigglesworth gets upset.
  [ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 3:56pm

If there is a back door it isn't in truth encrypted. Sorry comrade Putin, but having your keys put me in the drivers seat.
[ link to this | view in chronology ]
any moose cow word, 8 Jul 2016 @ 4:02pm

Basically, this means they have two weeks to relocate their data and web services outside of Russian territories and a mass exodus of the .ru domain. What's worse is that could just as well be the fate of the US and the .com domain. We're just a few months from potentially electing a president that admires authoritarians such as Putin.
[ link to this | view in chronology ]
- any moose cow word, 8 Jul 2016 @ 4:13pm
  
  Re:
  To put this in perspective, the massive exodus of knowledge and talent from Nazi Germany to the US was a huge boost to our economy. Now, imagine that happening again, except this time it's fleeing the US for Europe or Asia. It's already happened in part within the physics community after we dropped our super collider project. When the LHC was announced, many of them grabbed passports and left for Europe.
  [ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 5:25pm

Hey hackers Russia is about to become a target rich environment. Rubles for all.
[ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2016 @ 6:12pm

If it wasn't for "terrorism", it would be for: copyright, children, bad guys etc.
[ link to this | view in chronology ]
Kronomex, 8 Jul 2016 @ 8:57pm

Putin is making the old Soviet Union look like a democracy.
[ link to this | view in chronology ]
- Uriel-238 (profile), 8 Jul 2016 @ 9:15pm
  
  Putin IS Soviet Union.
  He's ex-KGB, and that's a mob that no-one quits ever.
  
  It would be as if an SS Officer were running Germany.
  [ link to this | view in chronology ]
Anonymous Monkey (profile), 8 Jul 2016 @ 9:43pm

1984
You know, Orwell was trying to write a good, riveting story. He was NOT trying to predict the future. That seems to be something those in power fail to grasp.
[ link to this | view in chronology ]
- Uriel-238 (profile), 9 Jul 2016 @ 12:11am
  
  Cautionary fiction
  It's a pretty commonplace story type: Miserable citizens of a thoroughly oppressive dystopia get a taste of love and inner meaning and attempt to reconcile this with the society around them. Sometimes they escape the society, sometimes it tears them apart.
  
  These days, young adult fiction is full of the stuff.
  [ link to this | view in chronology ]
  - Seegras (profile), 10 Jul 2016 @ 11:25am
    
    Re: Cautionary fiction
    These days, young adult fiction is full of the stuff.
    That's because just about all the politicians try to ruin their respective countries by turning them into thoroughly oppressive dystopias.
    [ link to this | view in chronology ]
Anonymous Coward, 9 Jul 2016 @ 12:24am

They should decrypt just major emails, not just any.
[ link to this | view in chronology ]
Anonymous Coward, 9 Jul 2016 @ 8:04am

The age of fucking stupid fucking surveillance

FFFFFUCK!

Pardon my frensh
[ link to this | view in chronology ]
Anonymous Coward, 9 Jul 2016 @ 8:21am

Do you think Putin (given the rumors flying around the Kremlin) couldn't help but lick his lips and moan slightly when someone said "Internet Backdooring"?
[ link to this | view in chronology ]
Anonymous Coward, 9 Jul 2016 @ 9:09am

Will the FSB keep all the keys in an encrypted server waiting to be plucked?
[ link to this | view in chronology ]
Anonymous Coward, 9 Jul 2016 @ 10:17am

Had a boss who used to make demands like that,
Of course everybody knew he was coked out of his mind when he'd make them. My guess is he is probably VP by now.
[ link to this | view in chronology ]
Anonymous Coward, 10 Jul 2016 @ 5:54pm

I almost want to put the "you call will be recorded" message before any outbound calls to Russia now, but it would probably generate too many support tickets.

Interesting how the virtual walls appear the same as physical borders are reinforced. The world is closing itself off from each other, and I have trouble staying optimistic about it :/
[ link to this | view in chronology ]
Whatever, 10 Jul 2016 @ 9:21pm

Excellent, excellent news.
[ link to this | view in chronology ]
BoB, 24 Jul 2016 @ 8:01am

Sensationalist bullcrap
I dont understand what the whole fuss is all about. In many countries around the world the policy is that all telcos maintain data for a given amount of time, and metadata also. And its also known that any company that uses enryption for data comunication must provide keys to government if requested, and they do, which is actually what the article says. There have been many cases where VPN providers, for example, gave keys to data and access to logs when request was made by local law enforcement agencies. VPN providers, for example, have the right to refuse foreign agencies. All this is some sensationalist bull - keys to the internet...ROFL!
P.S. in Australia this already been done, wake up, no one caress.
[ link to this | view in chronology ]