James Comey's New Idea: An International Encryption Backdoor Partnership
from the let's-all-share-the-pain-equally dept
FBI Director James Comey is still pitching encryption backdoors, despite there being almost no one -- from the Intelligence Community to legislators around the world -- interested in what he's selling. Comey claims to be sitting on a pile of encrypted devices the FBI can't get into, even with help from outside contractors.
His latest backdoor idea was floated at a national security symposium at the University of Texas. Knowing any legislated backdoors might result in US device customers turning to overseas suppliers, Comey thinks he can minimize domestic fiscal damage by getting the rest of the world to fall in line with an idea most foreign governments still find unpalatable, even as they suffer terrorist attacks with a far greater frequency than we do at home. Michael Kan has more details at ComputerWorld:
Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.
“I could imagine a community of nations committed to the rule of law developing a set of norms, a framework, for when government access is appropriate,” he said on Thursday.
Comey doesn't say how he plans to set this in motion. He's had no luck on the domestic front, so hoping for an "international framework" to spring into existence is, at best, inordinately hopeful. He directly addressed one of the many concerns device makers have about encryption backdoors, stating he had no desire to "chase innovation" out of the US. But that doesn't mean he's not interested in harming US innovation. He simply believes every country in the partnership should suffer equally.
As always happens when Comey opens his mouth about encryption, plenty of experts in the field are on hand to criticize his comments.
“I don’t think it makes sense,” said Nicholas Weaver, a researcher at the International Computer Science Institute at the University of California Berkeley.
Comey’s idea means that all countries will essentially agree to weaken the security in their vendors’ tech products, Weaver said. However, other countries will balk, fearing that the U.S. might exploit the cooperation for spying purposes.
“Would you still use a U.S. product, even if you know the NSA (National Security Agency) could have the rights to it?” he said.
Most of our allies around the world are still stinging a bit from multiple national security leaks -- some of which have exposed nearly as much about the intrusiveness of their own security agencies as about the NSA's reach and grasp. With the NSA heavily involved in diverting hardware shipments to implant backdoors, no one's in any hurry to add their country to the list of "buyer beware" electronics.
Even if most of Europe agrees to weaken encryption to make law enforcement easier, there's no preventing non-partner countries from taking advantage of security holes to engage in greater domestic spying and civil rights abuses.
And, as is always the case when Comey opens his mouth about encryption, it's again suggested the nerds of the world are simply not applying themselves when it comes to "safe" backdoors.
[O]n Thursday, Comey said the tech industry can find an approach that creates government access, while keeping malicious actors out.
“I reject the, ‘it’s impossible’ response,” he said. “I just think we haven’t actually tried it.”
Counterpoint from Nate Cardozo of the EFF:
“It’s childish to stomp your foot, and say, ‘nerds you have to try harder,’” Cardozo said.
That's Comey all over: insisting he's right despite nearly no one else in the world agreeing with him. The phones he can't get into are apparently viewed as a personal insult -- a middle finger from device makers to the feds. He claims device makers shouldn't "decide how [their customers] live" by providing default encryption. He feels it should be left up to customers whether or not they want that level of security.
He makes this claim while pitching backdoors that remove that choice, allowing the FBI to tell Americans how to live: less securely, because criminals and terrorism. Again, classic Comey -- who handles every discussion of encryption like a child. He's not guileless, not by far. But he so deeply believes in the inherent "rightness" of his arguments that he's unable to see their inconsistency and incoherence. Or worse, he does... but just doesn't care.
Filed Under: backdoors, encryption, fbi, going dark, james comey
Reader Comments
I guess he never bothered to read the history books about the last time this was done. Seem to remember just a few years ago someone exploited a flaw left over from that. Something to do with browser downgrading encryption when asked because at the time we couldn't "export strong encryption"
This idiot really should be forced to go back to school and retake those math classes he obviously flunked or cheated his way through.
[ link to this | view in thread ]
If he's so knowledgeable about what's possible...
[ link to this | view in thread ]
It's not a backdoor
[ link to this | view in thread ]
What Comey wants is similar to the Indiana Legislature trying to legislate the value of PI. They didn't like irrational numbers.
Comey is an idiot.
[ link to this | view in thread ]
Dear America...
Love,
China Russia Alliance on Prevention of Crime
CRAPC
[ link to this | view in thread ]
Committed to the rule of law
But when someone says they are committed to the rule of law, I tend to assume, or I used to assume that means they support things like citizens' right to have private encrypted communications and data storage.
When these two things no longer go together it is a sign that the country is sick. The laws, at least in part, are no longer to protect the citizens, but at least in part to work against them.
[ link to this | view in thread ]
Re:
Despite being irrational themselves. Imagine that.
[ link to this | view in thread ]
Re: If he's so knowledgeable about what's possible...
Don't tell me it's impossible.
I reject the 'it's impossible' response. I think you just haven't actually tried it.
[ link to this | view in thread ]
"If we can land a man on the moon, surely if we put our minds to it we can land a man on the sun."
... yeah, his 'nerd harder' mantra is that stupid.
Mind, I said the mantra is stupid, not the man, because I rather doubt he himself is that stupid, rather he's just incredibly dishonest and focused only on making his job easier, no matter the damage it will cause if he ever manages to con a government into following him.
He's a massive threat to public safety and security, and it's not because he's too stupid to realize it, he just doesn't care.
[ link to this | view in thread ]
Sharing the backdoor password internationally - to multiple agencies in every other country - will only add redundancy to the backdoor being leaked/found/exploited by the bad guys.
But contrary to this article, it's not a new idea. There was never any question that a backdoor would be shared. Germany, Japan, Russia and the rest would never accept phones being sold in their countries with that foreign-controlled backdoor, unless they too have access. Remove that backdoor (not that they'd trust it to be gone) and Americans can simply import phones from those countries. Or just import the OS updates.
Even in a world with unicorns and magic pixie dust and backdoors that magically stay closed for the bad guys, it's only a matter of time until we hear about these backdoors being used in bulk to find out who leaked a movie script or White House meeting. Or insulted a CEO or foreign leader.
[ link to this | view in thread ]
Re: Committed to the rule of law
Think about it more like this.
rule of the law.
[ link to this | view in thread ]
Re:
He's not an idiot, of that I am almost sure. Dishonest, malicious, indifferent, a threat to privacy and security yes, but not stupid. He knows that what he's demanding will put huge numbers of people at risk, he just doesn't care so long as he comes out ahead.
[ link to this | view in thread ]
Customers have already voted "yes" with their dollars.
[ link to this | view in thread ]
What do you want to bet...
[ link to this | view in thread ]
If these encrypted phones are evidence of such horrible crimes
Then how is there no other evidence somewhere that it can actually be found? If the only evidence the accused left is on their phones, and there is no other trace, what did they do? Kill someone, incinerate the body, destroy all records the person existed, and mind-wipe everyone who might realize the victim is missing?
[ link to this | view in thread ]
That way, powerful people who have declared jihad against encryption would be declaring jihad against DRM.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: What do you want to bet...
Back when the Clinton administration was pushing mandated back-doors they wanted to exclude bankers as well as the government. The reason, given by Bill Clinton, was that "bankers are good citizens". As opposed to the rest of us, I suppose.
[ link to this | view in thread ]
Re: Re:
I would argue that he's all of those.
[ link to this | view in thread ]
Over the last few years the problem has not been one of going dark, but rather failure to keep track of known risks, who often do not bother with encryption. They also seem to have the exploits they need to get into the electronics of suspected terrorists, so I can only assume they are concentrating on trying to spy on non-violent political opposition which can force governments to listen to their citizens, if they are not stopped from organizing the protests.
[ link to this | view in thread ]
Re: "If we can land a man on the moon, surely if we put our minds to it we can land a man on the sun."
[ link to this | view in thread ]
Don't listen
[ link to this | view in thread ]
The lack of research/acknowledgment of these low level hardware issues grossly harms reporting on these issues. Please, for everyone's sake, do some research. You're failing to see past the propaganda narratives. It makes me not want to trust this site when you seem either inept or compromised.
[ link to this | view in thread ]
Too dangerous not to
If he was just some nutter on the street holding a sign about the evils of encryption then yes, it would be safe to ignore him.
However when the person making those claims holds the position of FBI Director then you ignore them at your own risk, as you're talking about someone in a position of power holding a demonstrably dangerous idea and trying to get other people to believe it too.
[ link to this | view in thread ]
I think the Clipper chip was a good example of why what Comey is asking for is impossible. If there's a secret way to decrypt, it will not stay secret.
[ link to this | view in thread ]
Re:
How many stingray devices do you think are currently "missing"? After all, they mount these things in police cars and drive around with them. I find it hard to believe one hasn't walked off, and you know if one got stolen the agency that lost it would never come forward and admit it publicly.
[ link to this | view in thread ]
Re: Re:
I wonder how many of them stock Stingray devices. And how many would stock Comey's backdoor.
[ link to this | view in thread ]
Re: Re: What do you want to bet...
Could you provide a reference for this, or at least some keywords to search for? My Google-fu has been unable to turn up anything.
[ link to this | view in thread ]
Why Don’t The NSA Do It?
Maybe President Trump can issue an Executive Order to that effect—could that be the missing sprinkling of magic pixie dust that is needed to kick-start the process?
[ link to this | view in thread ]
Re: Why Don’t The NSA Do It?
That sounds like the NSA's Clipper Chip backdoor device, which was intended to be enthusiastically adopted by telecommunications companies for voice transmission.
And indeed it was quickly proven insecure.
Just like Comey's plan.
[ link to this | view in thread ]
Re: Why Don’t The NSA Do It?
Nobody needs to get the full source code for programs or OS' in order to come up with a basic overview of how this could be achieved. Just a crude description or drawing would go a long way to prove his point, so why is it that he hasn't even shown that? It is not because they don't have access to the people, but because everyone he has gone to has said the same thing: "It can't (and shouldn't) be done!".
I refuse to believe that he hasn't gotten the message 1000 times by now, so what I imagine he is doing now, is trying to get a good old regular backdoor without any regard for the consequences.
It is almost as if you could believe that he were working for terrorists as hard as he is trying to create chaos and destroy the infrastructure.
(As a note: No I don't really believe that... he is just a power-hungry, greedy, and stupid person)
[ link to this | view in thread ]
What if the encryption key is spread across several legal jurisdictions?
If a trust company is hacked, other trust companies are compelled by contract and local law to destroy their own keys. New keys only get generated when you decide to change your device password. Governments wanting to preserve the quick warrant process will defend their trust companies against hackers. If a trust company is threatened with legal action, an employee is jailed, or the private company becomes a public entity, any of the other private trust companies are free, under their local contract law, to destroy the keys entrusted to them by customers in other nations. It's MAD.
The trick is to find 12 countries that don't necessarily like one another but who would value the key recovery mechanism.
I suppose the mechanism would become politicized at times and keys might be shared under dubious circumstances somewhat like a cyber prisoner exchange in reverse. You may decide that the design should not require a unanimous decision in case of war, key spoilage or a company withholding keys out of spite. Still, key recovery could be very quick and the traditional notion of a warrant is restored.
It's not one backdoor that any criminal can walk through once it has been discovered, it's twelve front doors that you have to walk through with an engraved invitation. Is it foolproof? No, but it's a lot better than a law saying every iPhone must have a single, common point of failure (backdoor) by design.
Sorry I can't recall the academic paper where I saw this partial key escrow idea discussed.
[ link to this | view in thread ]
Re: Re: Re: What do you want to bet...
Yeah, I can't find it on-line anymore either. It seems to have been disappeared. I have an electronic copy of the article in which Bill is quoted as saying that, but the machine on which it is stored is currently off-line. Sorry.
[ link to this | view in thread ]
Re:
I'd lean more towards:
"His latest backdoor idea was floated in his own home, no official organization so crazy as to invite him to speak at their event."
Seriously, a national security symposium inviting someone who has been pushing an idea that would cause significant harm to national security (and security in general) is like an automobile symposium inviting someone who's a well known proponent of the idea that cars would really be better without those pesky 'brakes' or 'seatbelts'.
I can only hope that whoever invited him did so merely to give the audience someone to laugh at, because the alternative, that they thought he had good ideas to present is insane.
[ link to this | view in thread ]
Re: What if the encryption key is spread across several legal jurisdictions?
Suppose a government requested the partial keys from the other 11 nations for a valid terrorism investigation. That government now has the entire key, negating the entire system from then on.
So you need a system where each key is retired after it's used. Every device notified and updated with a new key list. That notification/update system would no doubt be quickly owned by the NSA. Or whomever is running it could be ordered to hand over the full list.
Even without that: The FBI and Border Patrol have thousands of phones that they'd like to get into. If turned down by the other countries for those investigations, they simply wait until the partial keys are turned over for an investigation everyone does agree on. And then they use it to unlock ALL the phones on hand.
Am I wrong?
[ link to this | view in thread ]
Re:
that's fucking funny.
[ link to this | view in thread ]
Re: Re: What if the encryption key is spread across several legal jurisdictions?
Sort of. Crypto systems have been designed (and are in use) that allow for key splitting to occur (Require X of Y key holders to input a unique key to perform an operation), but while the concept is elegant, the implementations I've personally seen and used are somewhat clunky (although admittedly quite secure, within human limits)
If you coupled that type of system above with a hypothetical compliant, cryptographically perfect public key infrastructure, you could theoretically get to a point where every device had a PKI-Based Additional Decryption Key (ADK) burned into it at manufacture, with private keying material stored behind an X of Y key-split system.
But from a practical perspective, you might as well start from the premise of a perfectly spherical, purple cow, because even if you could make the math flawless, the entire system has to be implemented flawlessly, including the legal and human elements, or it's ultimately going to become worthless.
[ link to this | view in thread ]
Re: What if the encryption key is spread across several legal jurisdictions?
Or they can simply demand Apple turn over the full key. Which do you think they'll do? They'd NEVER go for a partial key system as that would defeat the whole purpose behind backdoors in the first place - to give themselves an EASY and quick way to get into the device.
[ link to this | view in thread ]
Re: What do you want to bet...
[ link to this | view in thread ]
There were coconuts in the trees. I tried very hard to get one of those coconuts.
I imagined the cool liquid and knew it had exactly what I needed.
I tried for a long time to get one of those coconuts.
All of the coconut trees were very tall and I could not climb them.
I had found the perfect sized rock and it bumped and missed and bumped again. A hundred times I threw that rock and a hundred times I failed.
I could not make a coconut fall and on the rock's last drop I turned and I walked, even thirstier than I had been before, the longest mile so that I could quench my thirst.
[ link to this | view in thread ]
Re: Why Don’t The NSA Do It?
The tone of your comment has me thinking that it's more a rhetorical/sarcastic question, but assuming anyone sees it and honestly wonders the same...
Because it would fail, completely, and having the government with its massive funding fail on such a 'simple' task would make it much harder for them to then turn around and claim that less well funded groups would have no problem succeeding where they failed.
There's also the fact that only a complete and utter lunatic would trust 'Securely Broken' encryption offered by the government at this point, given how much open contempt various government agencies have displayed towards public privacy and security in the last few years, but the primary reason is because they don't want to provide an example of how difficult the 'easy' task they're trying to dump on others actually is.
[ link to this | view in thread ]
Middle fingers
I think keeping all malicious actors out is the primary intent of the "phones he can't get into".
The middle finger to the feds does make for a nice cherry on top, though!
[ link to this | view in thread ]
Re: The tone of your comment has me thinking...
...but not actually reading, it seems.
“Necessary hashtags”, after all...
[ link to this | view in thread ]
I think people are missing the point
It's to do with making the tech companies look unreasonable and the Democrats (and indeed any opposition) alongside them.
By shouting loudly that anyone with an opposing point of view is on the side of the terrorists, he can dirty the name of the opposition and show that he is on the of the "American" in the eyes of those who don't see (or care) about the truth. No change from the election.
[ link to this | view in thread ]
Supported by "no one"
[ link to this | view in thread ]
Re: Re: If he's so knowledgeable about what's possible...
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Get the rest of the country on board and every country can spy on everyone around the world, that's more fair and all good in the name of stopping Terrorists.
[ link to this | view in thread ]
Re: Re: Re: What if the encryption key is spread across several legal jurisdictions?
[ link to this | view in thread ]
Re: Coconuts
[ link to this | view in thread ]
The FBI’s Secret Rules
https://theintercept.com/series/the-fbis-secret-rules/
[ link to this | view in thread ]
Re: Re: Re: Re: What if the encryption key is spread across several legal jurisdictions?
It wasn't a dissertation on how to design a system for Comey.
And to address your point "the key being passed around": from a purely technical perspective, that could be addressed, too. It increases cost, and makes the system more burdensome to use, but at the end of the day you'd only reduce exposure in some areas and increase it in others.
Any individual technical question could likely be addressed with technology we have today, at least at small scale.
But when you combine the necessary technologies and scale to global proportions, the loss expectancies, risk, and threat profiles get really ugly, really fast.
[ link to this | view in thread ]