James Comey's New Idea: An International Encryption Backdoor Partnership

from the let's-all-share-the-pain-equally dept

FBI Director James Comey is still pitching encryption backdoors, despite there being almost no one -- from the Intelligence Community to legislators around the world -- interested in what he's selling. Comey claims to be sitting on a pile of encrypted devices the FBI can't get into, even with help from outside contractors.

His latest backdoor idea was floated at a national security symposium at the University of Texas. Knowing any legislated backdoors might result in US device customers turning to overseas suppliers, Comey thinks he can minimize domestic fiscal damage by getting the rest of the world to fall in line with an idea most foreign governments still find unpalatable, even as they suffer terrorist attacks with a far greater frequency than we do at home. Michael Kan has more details at ComputerWorld:

Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

“I could imagine a community of nations committed to the rule of law developing a set of norms, a framework, for when government access is appropriate,” he said on Thursday.

Comey doesn't say how he plans to set this in motion. He's had no luck on the domestic front, so hoping for an "international framework" to spring into existence is, at best, inordinately hopeful. He directly addressed one of the many concerns device makers have about encryption backdoors, stating he had no desire to "chase innovation" out of the US. But that doesn't mean he's not interested in harming US innovation. He simply believes every country in the partnership should suffer equally.

As always happens when Comey opens his mouth about encryption, plenty of experts in the field are on hand to criticize his comments.

“I don’t think it makes sense,” said Nicholas Weaver, a researcher at the International Computer Science Institute at the University of California Berkeley.

Comey’s idea means that all countries will essentially agree to weaken the security in their vendors’ tech products, Weaver said. However, other countries will balk, fearing that the U.S. might exploit the cooperation for spying purposes.

“Would you still use a U.S. product, even if you know the NSA (National Security Agency) could have the rights to it?” he said.

Most of our allies around the world are still stinging a bit from multiple national security leaks -- some of which have exposed nearly as much intrusiveness of their own security agencies as they have about the NSA's reach and grasp. With the NSA heavily-involved in diverting hardware shipments to implant backdoors, no one's in any hurry to add their country to the list of "buyer beware" electronics.

Even if most of Europe agrees to weaken encryption to make law enforcement easier, there's no preventing non-partner countries from taking advantage of security holes to engage in greater domestic spying and civil rights abuses.

And, as is always the case when Comey opens his mouth about encryption, it's again suggested the nerds of the world are simply not applying themselves when it comes to "safe" backdoors.

[O]n Thursday, Comey said the tech industry can find an approach that creates government access, while keeping malicious actors out.

“I reject the, ‘it’s impossible’ response,” he said. “I just think we haven’t actually tried it.”

Counterpoint from Nate Cardozo of the EFF:

“It’s childish to stomp your foot, and say, ‘nerds you have to try harder,’” Cardozo said.

That's Comey all over: insisting he's right despite nearly no one else in the world agreeing with him. The phones he can't get into are apparently viewed as a personal insult -- a middle finger from device makers to the feds. He claims device makers shouldn't "decide how [their customers] live" by providing default encryption. He feels it should be left up to customers whether or not they want that level of security.

He makes this claim while pitching backdoors that remove that choice, allowing the FBI to tell Americans how to live: less securely, because criminals and terrorism. Again, classic Comey -- who handles every discussion of encryption like a child. He's not guileless, not by far. But he so deeply believes in the inherent "rightness" of his arguments that he's unable to see their inconsistency and incoherence. Or worse, he does... but just doesn't care.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, encryption, fbi, going dark, james comey


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:12pm

    “I reject the, ‘it’s impossible’ response,” he said. “I just think we haven’t actually tried it.”

    I guess he never bothered to read the history books about the last time this was done. Seem to remember just a few years ago someone exploited a flaw left over from that. Something to do with browser downgrading encryption when asked because at the time we couldn't "export strong encryption"

    This idiot really should be forced to go back to school and retake those math classes he obviously flunked or cheated his way through.

    link to this | view in thread ]

  2. identicon
    Chris Brand, 30 Mar 2017 @ 12:15pm

    If he's so knowledgeable about what's possible...

    surely it would be very easy for him to prove that it's not impossible by doing it himself ?

    link to this | view in thread ]

  3. icon
    TechDescartes (profile), 30 Mar 2017 @ 12:15pm

    It's not a backdoor

    It's a screen door.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:20pm

    Claude Shannon -- in the 40's -- proved -- mathematically -- that what Comey wants is impossible. He didn't prove that it was difficult or that given enough compute power it could be done. He proved that it is simply impossible.

    What Comey wants is similar to the Indiana Legislature trying to legislate the value of PI. They didn't like irrational numbers.

    Comey is an idiot.

    link to this | view in thread ]

  5. identicon
    CRAPC, 30 Mar 2017 @ 12:21pm

    Dear America...

    We sincerely approve of this idea and look forward to partnering with you on it. Comrade Comey is an American hero!

    Love,
    China Russia Alliance on Prevention of Crime
    CRAPC

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:21pm

    For some reason these calls for secure encryption with backdoors tends to remind me of that old SNL skit where there's a company who is spending millions of dollars in research in an attempt to get a camel to fit through the eye of a needle via crazy plans like really large needles, really tiny camels, pureeing the camel so it can be more easily poured through the eye of a needle, etc.

    link to this | view in thread ]

  7. icon
    DannyB (profile), 30 Mar 2017 @ 12:22pm

    Committed to the rule of law

    I understand that legislators can make the laws be whatever they want.

    But when someone says they are committed to the rule of law, I tend to assume, or I used to assume that means they support things like citizens' right to have private encrypted communications and data storage.

    When these two things no longer go together it is a sign that the country is sick. The laws, at least in part, are no longer to protect the citizens, but at least in part to work against them.

    link to this | view in thread ]

  8. identicon
    Alya, 30 Mar 2017 @ 12:23pm

    Re:

    What Comey wants is similar to the Indiana Legislature trying to legislate the value of PI. They didn't like irrational numbers.

    Despite being irrational themselves. Imagine that.

    link to this | view in thread ]

  9. icon
    DannyB (profile), 30 Mar 2017 @ 12:25pm

    Re: If he's so knowledgeable about what's possible...

    Mr. Comey, why can't you catch terrorists without breaking everyone's encryption?

    Don't tell me it's impossible.

    I reject the 'it's impossible' response. I think you just haven't actually tried it.

    link to this | view in thread ]

  10. icon
    That One Guy (profile), 30 Mar 2017 @ 12:26pm

    "If we can land a man on the moon, surely if we put our minds to it we can land a man on the sun."

    ... yeah, his 'nerd harder' mantra is that stupid.

    Mind, I said the mantra is stupid, not the man, because I rather doubt he himself is that stupid, rather he's just incredibly dishonest and focused only on making his job easier, no matter the damage it will cause if he ever manages to con a government into following him.

    He's a massive threat to public safety and security, and it's not because he's too stupid to realize it, he just doesn't care.

    link to this | view in thread ]

  11. icon
    Roger Strong (profile), 30 Mar 2017 @ 12:27pm

    Think of how Stingray cell site snoopers were for catching terrorists... and now they're in use by 13 federal agencies plus many state and local police agencies. And police agencies around the world. They'll all demand access to the backdoor too.

    Sharing the backdoor password internationally - to multiple agencies in every other country - will only add redundancy to the backdoor being leaked/found/exploited by the bad guys.

    But contrary to this article, it's not a new idea. There was never any question that a backdoor would be shared. Germany, Japan, Russia and the rest would never accept phones being sold in their countries with that foreign-controlled backdoor, unless they too have access. Remove that backdoor (not that they'd trust it to be gone) and Americans can simply import phones from those countries. Or just import the OS updates.

    Even in a world with unicorns and magic pixie dust and backdoors that magically stay closed for the bad guys, it's only a matter of time until we hear about these backdoors being used in bulk to find out who leaked a movie script or White House meeting. Or insulted a CEO or foreign leader.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:28pm

    Re: Committed to the rule of law

    rule of law.

    Think about it more like this.

    rule of the law.

    link to this | view in thread ]

  13. icon
    That One Guy (profile), 30 Mar 2017 @ 12:30pm

    Re:

    He's not an idiot, of that I am almost sure of. Dishonest, malicious, indifferent, a threat to privacy and security yes, but not stupid. He knows that what he's demanding will put huge numbers of people at risk, he just doesn't care so long as he comes out ahead.

    link to this | view in thread ]

  14. icon
    SteveMB (profile), 30 Mar 2017 @ 12:36pm

    > He feels it should be left up to customers whether or not they want that level of security.

    Customers have already voted "yes" with their dollars.

    link to this | view in thread ]

  15. identicon
    Alya, 30 Mar 2017 @ 12:36pm

    What do you want to bet...

    that his proposed back-door would not apply to government devices and/or communications?

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:39pm

    If these encrypted phones are evidence of such horrible crimes

    Then how is there no other evidence somewhere that it can actually be found? If the only evidence the accused left is on their phones, and there is no other trace, what did they do? Kill someone, incinerate the body, destroy all records the person existed, and mind-wipe everyone who might realize the victim is missing?

    link to this | view in thread ]

  17. icon
    Roger Strong (profile), 30 Mar 2017 @ 12:41pm

    I've said it before: We're all missing an opportunity here: We should be calling encryption "Digital Rights Management." Which it is, of course; DRM for the consumer.

    That way, powerful people who have declared jihad against encryption would be declaring jihad against DRM.

    link to this | view in thread ]

  18. icon
    SteveMB (profile), 30 Mar 2017 @ 12:41pm

    Re: Re:

    Actually, he *is* a bit stupid if he's unaware of the fact that in addition to losing all credibility with sensible people, he's lost all credibility with the politicians he needs to convince. So, Jimmy, who do you want to lobby first: the ones who hate your guts for screaming "E-Mail-Ghazi!" on the eve of the election, or the ones who hate your guts for telling everybody "The Trump Kremlin Connection is real and the Trump Tower Wiretap isn't"?

    link to this | view in thread ]

  19. identicon
    Sualocin, 30 Mar 2017 @ 12:43pm

    Re: What do you want to bet...

    Back when the Clinton administration was pushing mandated back-doors they wanted to exclude bankers as well as the government. The reason, given by Bill Clinton, was that "bankers are good citizens". As opposed to the rest of us, I suppose.

    link to this | view in thread ]

  20. identicon
    Sualocin, 30 Mar 2017 @ 12:45pm

    Re: Re:

    Dishonest, malicious, indifferent, a threat to privacy and security yes, but not stupid.

    I would argue that he's all of those.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:45pm

    I wish he would explain why the cannot stop terrorists that they know about, and why they think that banning laptops and tablets in the cabin will prevent them being used as a bomb in the cargo hold.

    Over the last few years the problem has not been one of going dark, but rather failure to keep track of known risks, who often do not bother with encryption. They also seem to have the exploits they need to get into the electronics of suspecter terrorists, so I can only assume they are concentrating on trying to spy on non violent political opposition which can force governments to listen to their citizens, if they are not stopped from organizing the protests.

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:47pm

    Re: "If we can land a man on the moon, surely if we put our minds to it we can land a man on the sun."

    I support an effort to fund NASA to land James Coney on the sun as he desires.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:52pm

    Don't listen

    Don't listen to James Comey, all he ever does is talk out of his back-door.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 30 Mar 2017 @ 12:54pm

    Intel ME, amd PSP, cellular baseband.
    The lack of research/acknowledgment of these low level hardware issues grossly harms reporting on these issues. Please, for everyone's sake, do some research. You're failing to see past the propaganda narratives. It makes me not want to trust this site when you seam either inept or compromised.

    link to this | view in thread ]

  25. icon
    That One Guy (profile), 30 Mar 2017 @ 1:02pm

    Too dangerous not to

    If he was just some nutter on the street holding a sign about the evils of encryption then yes, it would be safe to ignore him.

    However when the person making those claims holds the position of FBI Director then you ignore them at your own risk, as you're talking about someone in a position of power holding a demonstrably dangerous idea and trying to get other people to believe it too.

    link to this | view in thread ]

  26. identicon
    kallethen, 30 Mar 2017 @ 1:06pm

    I think the Clipper chip was a good example of why what Comey is asking for is impossible. If there's a secret way to decrypt, it will not stay secret.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 30 Mar 2017 @ 1:08pm

    Re:

    Just had very interesting thought.... One of the worries is that the key would be stolen and fall into the wrong hands.

    How many stingray devices do you think are currently "missing"? After all, they mount these things in police cars and drive around with them. I find it hard to believe one hasn't walked off, and you know if one got stolen the agency that lost it would never come forward and admit it publicly.

    link to this | view in thread ]

  28. icon
    Roger Strong (profile), 30 Mar 2017 @ 1:27pm

    Re: Re:

    America has several private companies - usually with board members in the revolving door to high-level government positions - that provide security services to Saudi Arabia, Bahrain and other non-democracies.

    I wonder how many of them stock Stingray devices. And how many would stock Comey's backdoor.

    link to this | view in thread ]

  29. icon
    Matthew Cline (profile), 30 Mar 2017 @ 1:59pm

    Re: Re: What do you want to bet...

    Back when the Clinton administration was pushing mandated back-doors they wanted to exclude bankers as well as the government.

    Could you provide a reference for this, or at least some keywords to search for? My Google-fu has been unable to turn up anything.

    link to this | view in thread ]

  30. identicon
    Lawrence D’Oliveiro, 30 Mar 2017 @ 2:11pm

    Why Don’t The NSA Do It?

    If the Government is so keen on a workable back-doored encryption system, why don’t they come up with one? The US Government employs the NSA, which (allegedly) has the largest and brightest pool of crypto talent on the planet. If anybody has the necessary hashtags to come up with such a scheme, wouldn’t it be them?

    Maybe President Trump can issue an Executive Order to that effect—could that be the missing sprinkling of magic pixie dust that is needed to kick-start the process?

    link to this | view in thread ]

  31. icon
    Roger Strong (profile), 30 Mar 2017 @ 2:40pm

    Re: Why Don’t The NSA Do It?

    That sounds like the NSA's Clipper Chip backdoor device, which was intended to be enthusiastically adopted by telecommunications companies for voice transmission.

    ...but that the strength of the Clipper chip's encryption could not be evaluated by the public as its design was classified secret, and that therefore individuals and businesses might be hobbled with an insecure communications system.

    And indeed it was quickly proven insecure.

    Further, it was pointed out that while American companies could be forced to use the Clipper chip in their encryption products, foreign companies could not, and presumably phones with strong data encryption would be manufactured abroad and spread throughout the world and into the United States, negating the point of the whole exercise, and, of course, materially damaging U.S. manufacturers en route.

    Just like Comey's plan.

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 30 Mar 2017 @ 2:42pm

    Re: Why Don’t The NSA Do It?

    This is a very good question.
    Nobody needs to get the full source code for programs or OS' in order to come up with a basic overview of how this could be achieved. Just a crude description or drawing would go a long way to prove his point, so why is it that he hasn't even shown that? It is not because they don't have access to the people, but because everyone he has gone to has said the same thing: "It can't (and shouldn't) be done!".
    I refuse to believe that he hasn't gotten the message 1000 times by now, so what I imagine he is doing now, is trying to get a good old regular backdoor without any regard for the consequences.
    It is almost as if you could believe that he were working for terrorists as hard as he is trying to create chaos and destroy the infrastructure.
    (As a note: No I don't really believe that... he is just a power-hungry, greedy, and stupid person)

    link to this | view in thread ]

  33. identicon
    Another Anon Coward, 30 Mar 2017 @ 2:47pm

    What if the encryption key is spread across several legal jurisdictions?

    Suppose the key is split into 12 parts and Apple transmits these partial keys to private key-holder companies in 12 independent nations. When the US government gets a warrant to open your iPhone, for instance, they ask 12 separate countries for their partial keys. Suppose the Swiss look at the warrant and decide its BS. Then no key. If 12 can agree, the key is complete and the end user and maybe the public is notified that a key has been surrendered.

    If a trust company is hacked, other trust companies are compelled by contract and local law to destroy their own keys. New keys only get generated when you decide to change your device password. Governments wanting to preserve the quick warrant process will defend their trust companies against hackers. If a trust company is threatened with legal action, an employee is jailed, or the private company becomes a public entity, any of the other private trust companies are free, under their local contract law, to destroy the keys entrusted to them by customers in other nations. It's MAD.

    The trick is to find 12 countries that don't necessarily like one another but who would value the key recovery mechanism.

    I suppose the mechanism would become politicized at times and keys might be shared under dubious circumstances somewhat like a cyber prisoner exchange in reverse. You may decide that the design should not require a unanimous decision in case of war, key spoilage or a company withholding keys out of spite. Still, key recovery could be very quick and the traditional notion of a warrant is restored.

    It's not one backdoor that any criminal can walk through once it has been discovered, it's twelve front doors that you have to walk through with an engraved invitation. Is it foolproof? No, but it's a lot better than a law saying every iPhone must have a single, common point of failure (backdoor) by design.

    Sorry I can't recall the academic paper where I saw this partial key escrow idea discussed.

    link to this | view in thread ]

  34. icon
    REM(RND) (profile), 30 Mar 2017 @ 2:51pm

    "His latest backdoor idea was floated at a national security symposium at the University of Texas" and he was laughed off the fucking stage; is how the sentence should have ended.

    link to this | view in thread ]

  35. identicon
    Sualocin, 30 Mar 2017 @ 2:59pm

    Re: Re: Re: What do you want to bet...

    Could you provide a reference for this, or at least some keywords to search for? My Google-fu has been unable to turn up anything.

    Yeah, I can't find it on-line anymore either. It seems to have been disappeared. I have an electronic copy of the article in which Bill is quoted as saying that, but the machine on which it is stored is currently off-line. Sorry.

    link to this | view in thread ]

  36. icon
    That One Guy (profile), 30 Mar 2017 @ 3:10pm

    Re:

    I'd lean more towards:

    "His latest backdoor idea was floated in his own home, no official organization so crazy as to invite him to speak at their event."

    Seriously, a national security symposium inviting someone who has been pushing an idea that would cause significant harm to national security(and security in general) is like an automobile symposium inviting someone who's a well known proponent of the idea that cars would really be better without those pesky 'brakes' or 'seatbelts'.

    I can only hope that whoever invited him did so merely to give the audience someone to laugh at, because the alternative, that they thought he had good ideas to present is insane.

    link to this | view in thread ]

  37. icon
    Roger Strong (profile), 30 Mar 2017 @ 3:20pm

    Re: What if the encryption key is spread across several legal jurisdictions?

    I certainly no expert on this but...

    Suppose a government requested the partial keys from the other 11 nations for a valid terrorism investigation. That government now has the entire key, negating the entire system from then on.

    So you need a system where the each key is retired after it's used. Every device notified and updated with a new key list. That notification/update system would no doubt be quickly owned by the NSA. Or whomever is running it could be ordered to hand over the full list.

    Even without that: The FBI and Border Patrol have thousands of phone that they'd like to get into. If turned down by the other countries for those investigations, they simply wait until the partial keys are turned over for an investigation everyone does agree on. And then they use it to unlock ALL the phones on hand.

    Am I wrong?

    link to this | view in thread ]

  38. icon
    Rapnel (profile), 30 Mar 2017 @ 4:32pm

    Re:

    lol - "secure encryption with backdoors"

    that's fucking funny.

    link to this | view in thread ]

  39. icon
    sigalrm (profile), 30 Mar 2017 @ 4:39pm

    Re: Re: What if the encryption key is spread across several legal jurisdictions?

    "Am I wrong?"

    Sort of. Crypto systems have been designed (and are in use) that allow for key splitting to occur (Require X of Y key holders to input a unique key to perform an operation), but while the concept is elegant, the implementations I've personally seen and used are somewhat clunky (although admittedly quite secure, within human limits)

    If you coupled that type of system above with a along with a hypothetical compliant, cryptographically perfect public key infrastructure, you could theoretically get to a point where every device had a PKI-Based Additional Decryption Key (ADK) burned into it at manufacture, with private keying material stored behind an X of Y key-split system.

    But from a practical perspective, you might as well start from the premise of a perfectly spherical, purple cow, because even if you could make the math flawless, the entire system has to be implemented flawlessly, including the legal and human elements, or it's ultimately going to become worthless.

    link to this | view in thread ]

  40. icon
    JoeCool (profile), 30 Mar 2017 @ 5:14pm

    Re: What if the encryption key is spread across several legal jurisdictions?

    Suppose the key is split into 12 parts and Apple transmits these partial keys to private key-holder companies in 12 independent nations. When the US government gets a warrant to open your iPhone, for instance, they ask 12 separate countries for their partial keys.

    Or they can simply demand Apple turn over the full key. Which do you think they'll do? They'd NEVER go for a partial key system as that would defeat the whole purpose behind backdoors in the first place - to give themselves an EASY and quick way to get into the device.

    link to this | view in thread ]

  41. icon
    Rapnel (profile), 30 Mar 2017 @ 5:14pm

    Re: What do you want to bet...

    Well that's just it. He wants military grade encryption to be a thing ..again(?). Now that post2k information sharing is a thing the doj has its foot in the door.. What would a king do with these sorts of tools? The Sheriff of Nottingham would surely get his share of the gold.

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 30 Mar 2017 @ 5:35pm

    This would work wonderfully. Until China, Russia or whichever country the US currently dislikes decides to use the "international framework" to get data from US companies/citizens. Then Comey will be back here, having another tantrum.

    link to this | view in thread ]

  43. icon
    Rapnel (profile), 30 Mar 2017 @ 5:36pm

    Once, when I was a child, I was very, very thirsty.
    There were coconuts in the trees. I tried very hard to get one of those coconuts.
    I imagined the cool liquid and knew it had exactly what I needed.
    I tried for a long time to get one of those coconuts.
    All of the coconut trees were very tall and I could not climb them.
    I had found the perfect sized rock and it bumped and missed and bumped again. A hundred times I threw that rock and a hundred times I failed.
    I could not make a coconut fall and on the rock's last drop I turned and I walked, even thirstier than I had been before, the longest mile so that I could quench my thirst.

    link to this | view in thread ]

  44. icon
    That One Guy (profile), 30 Mar 2017 @ 5:58pm

    Re: Why Don’t The NSA Do It?

    The tone of your comment has me thinking that it's more a rhetorical/sarcastic question, but assuming anyone sees it and honestly wonders the same...

    Because it would fail, completely, and having the government with it's massive funding fail on such a 'simple' task would make it much harder for them to then turn around and claim that less well funded groups would have no problem succeeding where they failed.

    There's also the fact that only a complete and utter lunatic would trust 'Securely Broken' encryption offered by the government at this point, given how much open contempt various government agencies have displayed towards public privacy and security in the last few years, but the primary reason is because they don't want to provide an example of how difficult the 'easy' task they're trying to dump on others actually is.

    link to this | view in thread ]

  45. icon
    MrTroy (profile), 30 Mar 2017 @ 9:10pm

    Middle fingers

    The phones he can't get into are apparently viewed as a personal insult -- a middle finger from device makers to the feds.

    I think keeping all malicious actors out is the primary intent of the "phones he can't get into".

    The middle finger to the feds does make for a nice cherry on top, though!

    link to this | view in thread ]

  46. This comment has been flagged by the community. Click here to show it
    identicon
    My_Name_Here, 30 Mar 2017 @ 10:00pm

    This news makes my cock hard. But I bet Masnick is going to censor my enduring affection for Comey. Sad!

    link to this | view in thread ]

  47. identicon
    Lawrence D’Oliveiro, 30 Mar 2017 @ 10:45pm

    Re: The tone of your comment has me thinking...

    ...but not actually reading, it seems.

    Necessary hashtags”, after all...

    link to this | view in thread ]

  48. icon
    Wryhta (profile), 31 Mar 2017 @ 3:40am

    I think people are missing the point

    This is actually very little to do with encryption or terrorism.

    It's to do with making the tech companies look unreasonable and the Democrats (and indeed any opposition) along side them.

    By shouting loudly that anyone with an opposing point of view is on the side of the terrorists, he can dirty the name of the opposition and show that he is on the of the "American" in the eyes of those who don't see (or care) about the truth. No change from the election.

    link to this | view in thread ]

  49. icon
    Prashanth (profile), 31 Mar 2017 @ 5:06am

    Supported by "no one"

    Really? I'd be a bit more concerned that this sort of response is now simultaneously coming from intelligence chiefs in the US, UK, and EU.

    link to this | view in thread ]

  50. icon
    Ninja (profile), 31 Mar 2017 @ 7:00am

    Re: Re: If he's so knowledgeable about what's possible...

    Comey harder?

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 31 Mar 2017 @ 7:15am

    Re:

    The whole going dark thing is a lie anyway. People have all kinds of devices in their homes now, "Internet Of Things" type devices with some really piss poor encryption that's easily hacked.

    link to this | view in thread ]

  52. identicon
    Anonymous Coward, 31 Mar 2017 @ 7:18am

    Re:

    Well the Clipper Chip was a U.S. only thing. So things U.S. company's made and sold in the U.S. were suppose to have it. What other country would allow those products sold in their own where the U.S. Government had easy access to those devices? That's just never going to work.

    Get the rest of the country on board and every country can spy on everyone around the world, that's more fair and all good in the name of stopping Terrorists.

    link to this | view in thread ]

  53. identicon
    Anonymous Coward, 31 Mar 2017 @ 7:22am

    Re: Re: Re: What if the encryption key is spread across several legal jurisdictions?

    I don't care how many keys are split, 2, 3, 4 and think that's any better then 1 key. Because those keys will end up being passed around to unlock whatever over and over again by hundreds of not thousands of people. It'll be leaked before hackers have a chance to even hack it.

    link to this | view in thread ]

  54. icon
    SteveMB (profile), 31 Mar 2017 @ 7:54am

    Re: Coconuts

    I hear that James Comey was once in the same position, and kept banging his head against the tree and screaming for somebody to repeal the law of gravity until the men in white coats showed up to rescue him.

    link to this | view in thread ]

  55. identicon
    Agent76, 31 Mar 2017 @ 8:06am

    The FBI’s Secret Rules

    President Trump has inherited a vast domestic intelligence agency with extraordinary secret powers. A cache of documents offers a rare window into the FBI’s quiet expansion since 9/11.

    https://theintercept.com/series/the-fbis-secret-rules/

    link to this | view in thread ]

  56. icon
    sigalrm (profile), 31 Mar 2017 @ 8:29am

    Re: Re: Re: Re: What if the encryption key is spread across several legal jurisdictions?

    I was addressing the specific question (above) of needing to rekey every device on the planet every time the master key was used, using an example based on a system I use on a regular basis.

    It wasn't a dissertation on how to design a system for Comey.

    And to address your point "the key being passed around": from a purely technically perspective, that could be addressed, too. It increases cost, and makes the system more burdensome to use, but at the end of the day you'd only reduce exposure in some areas and increase it in others.

    Any individual technical question could likely be addressed with technology we have today, at least at small scale.

    But when you combine the necessary technologies and scale to global proportions, the loss expectancies, risk, and threat profiles get really ugly, really fast.

    link to this | view in thread ]

  57. identicon
    Anonymous Coward, 4 Apr 2017 @ 10:30pm

    What a fool.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.