DOJ Continues Its Push For Encryption Backdoors With Even Worse Arguments

from the let-us-save-you-from-your-security dept

Early last week, the Deputy Attorney General (Rod Rosenstein) picked up the recently-departed James Comey's Torch of Encroaching Darkness +1 and delivered one of the worst speeches against encryption ever delivered outside of the UK.

Rosenstein apparently has decided UK government officials shouldn't have a monopoly on horrendous anti-encryption arguments. Saddling up his one-trick pony, the DAG dumped out a whole lot of nonsensical words in front of a slightly more receptive audience. Speaking at the Global Cyber Security Summit in London, Rosenstein continued his crusade against encryption using counterintuitive arguments.

After name-dropping his newly-minted term -- responsible encryption™ -- Rosenstein stepped back to assess the overall cybersecurity situation. In short, it is awful. Worse, perhaps, than Rosenstein's own arguments. Between the inadvertently NSA-backed WannaCry ransomware, the Kehlios botnet, dozens of ill-mannered state actors, and everything else happening seemingly all at once, the world's computer users could obviously use all the security they can get.

Encryption is key to security. Rosenstein agrees… up to a point. He wants better security for everyone, unless those everyones are targeted by search warrants. Then they have too much encryption.

Encryption is essential. It is a foundational element of data security and authentication. It is central to the growth and flourishing of the digital economy. We in law enforcement have no desire to undermine encryption.

But “warrant-proof” encryption poses a serious problem.

Well, you can't really have both secure encryption and law enforcement-friendly encryption. Rosenstein knows this just as surely as Comey knew it. That didn't stop Comey from pretending it was all about tech company recalcitrance. The same goes for Rosenstein who, early on in his speech, plays a shitty version of Sympathy for the Tech Devil by using the phrase "competitive forces" as a stand-in for "profit seeking" when speaking about the uptick in default encryption.

The underlying message of his last speech was that American tech companies should spurn profits for helping out the government by unwrapping one end of end-to-end encryption. The same pitch is made here, softened slightly in the lede thanks to the presence of UK tech companies in the audience. The language may be less divisive, but the arguments are no less stupid this time around.

In the United States, when crime is afoot, impartial judges are responsible for balancing a citizen’s reasonable expectation of privacy against the interests of law enforcement. The law recognizes that legitimate law enforcement needs can outweigh personal privacy concerns. That is how we obtain search warrants for homes and court orders to require witnesses to testify.

Warrant-proof encryption overrides our ability to balance privacy and security. Our society has never had a system where evidence of criminal wrongdoing was impervious to detection by officers acting with a court-authorized warrant. But that is the world that technology companies are creating.

I'm not sure what this "system" is Rosenstein speaks about, but there has always been evidence that's eluded the grasp of law enforcement. Prior to common telephone use, people still communicated criminal plans but no one insisted citizens hold every conversation within earshot of law enforcement. Even in a digital world, evidence production isn't guaranteed, even when encryption isn't a factor.

Going on from there, the rest of speech is pretty much identical to his earlier one. In other words: really, really bad and really, really wrong.

Rosenstein believes the government should be able to place its finger on the privacy/security scale without being questioned or stymied by lowly citizens or private companies. Even if he's right about that (he isn't), he's wrong about the balance. This isn't privacy vs. security. This is security vs. insecurity. For a speech so front-loaded with tales of security breaches and malicious hacking, the back end is nothing more than bad arguments for weakened encryption -- something the government may benefit from, but will do nothing to protect people from malicious hackers or malicious governments.

All the complaints about a skewed balance are being presented by an entity that's hardly a victim. Electronic devices -- particularly cellphones -- generate an enormous amount of data that's not locked behind encryption. The government can -- without a warrant -- track your movements, either post-facto, or with some creative paperwork, in real time. Tons of other "smart" devices are generating a wealth of records only a third party and a subpoena away. And that's just the things citizens own. This says nothing about the wealth of surveillance options already deployed by the government and those waiting in the wings for the next sell off of civil liberties

It also should be noted Rosenstein is trying to make "responsible encryption" a thing. He obviously wants the word "backdoor" erased from the debate. While it's tempting to sympathize with Rosenstein's desire to take a loaded word out of the encryption debate lexicon, the one he's replacing it with is worse. As Rob Graham at Errata Security points out, the new term is loaded language itself, especially when attached to Rosenstein's bullshit metric: "measuring success in prevented crimes and saved lives."

I feel for Rosenstein, because the term "backdoor" does have a pejorative connotation, which can be considered unfair. But that's like saying the word "murder" is a pejorative term for killing people, or "torture" is a pejorative term for torture. The bad connotation exists because we don't like government surveillance. I mean, honestly calling this feature "government surveillance feature" is likewise pejorative, and likewise exactly what it is that we are talking about.

Then there's the problem with Rosenstein deploying rhetorical dodges in his discussions about encryption, which presumably include a number of government officials. Alex Gaynor, who worked for the United States Digital Service and participated in the Obama Administration's discussion of potential encryption backdoors, points out Rosenstein's abuse of his position.

Mr. Rosenstein plainly wants to reopen the "going dark" debate that began under the previously administration, spearheaded by FBI Director Jim Comey. While I disagree vehemently with him, it's a valid policy position - and I have every reason to believe him that there are investigations in which encryption does hamper the Justice Department and FBI's ability to investigate. However, he is not entitled to mislead the public in order to make that point. And make no mistake. Attempting to use the spectre of familiar computer security challenges in order to make the argument that his policy is necessary, even though his policy has nothing to do with these challenges, is the height of intellectual dishonesty.

There's an endgame to Rosenstein's dishonest rhetoric. And it won't be tech companies being guilted into participating in his "responsible encryption" charade. It will be backdoors. And they will be legislated.

The Deputy Attorney General says that he is interested in "frank discussion". However, his actual remarks demonstrate he is interested in anything but -- his goal is to secure legislation akin to CALEA for your cellphone, and he doesn't care who he has to mislead to accomplish this. Mr. Deputy Attorney General, I expect better.

This is what the DOJ wants. But Rosenstein is too weak-willed to say it out loud. So he spouts this contradictory, misleading, wholly asinine garbage to whatever audience will have him. Rosenstein is obtuse enough to be dangerous. Fortunately, most legislators (so far) seem unwilling to sacrifice the security of citizens on the altar of lawful access.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, doj, going dark, james comey, nerd harder, responsible encryption, rod rosenstein


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    That One Guy (profile), 16 Oct 2017 @ 4:34am

    No need to pull punches

    But Rosenstein is too weak-willed to say it out loud.

    No, he's too dishonest.

    Were he honest he'd flat out admit that he is against any form of encryption that he can't break on demand, in other words any encryption that works.

    He would admit that he knows that broken encryption would be an absolute gold-mine to the very criminals he claims to want to stop, but that he considers that a price he's willing to have the public pay. That he considers the harm that will result from weakening encryption an acceptable trade for any gains he might achieve.

    He would stop trying to blame the companies for fighting to keep the 'responsible (read: working) encryption' they have in place, stop trying to make them out to be holding their ground purely for monetary purposes while the poor, beleaguered government only wants broken encryption for the very best of purposes.

    It's not a 'weak will' that keeps him from admitting to these things, it's a lack of honesty and a clear willingness to lie and mislead if it achieves his aims.

    link to this | view in thread ]

  2. icon
    hij (profile), 16 Oct 2017 @ 5:22am

    Responsible encryption would be great

    After name-dropping his newly-minted term -- "responsible encryption™

    Actually, this idea is not so new. Many people have been discussing this for a quite a while, most notably folks like Bruce Schneier. There are responsible ways to implement encryption, and the notion that this term is being hijacked to mean exactly the opposite of what it currently means is a bit frightening. Changing the meaning of important terms is the modus operandi of important people who want to openly lie and deceive.

    link to this | view in thread ]

  3. icon
    aerinai (profile), 16 Oct 2017 @ 5:45am

    Can someone give me an example???

    For too long; us techies have had to listen to this drivel come out of the mouths of Rosenstein & Co. I think it is high time we demand from them a working copy of their so-called 'responsible encryption'. Show me one real life example of this working and secure.

    Oh wait... it doesn't exist? Hmmm... fancy that.


    Side Note: Just today there was another example of RSA encryption falling apart on public key generation since 2012 that opened up vulnerabilities. Some of the most talented people in the world are working on this stuff and they still aren't perfect 100% of the time when guarding one door. Good luck guarding a second (or 3rd, 4th, and 5th once other countries demand the same).

    link to this | view in thread ]

  4. icon
    DaveinCanada (profile), 16 Oct 2017 @ 6:28am

    CALEA

    I like that your article got me to read more...CALEA came about in '94 (Clinton) and two sentences in the Wiki article struck me.

    "In the years since CALEA was passed it has been greatly expanded to include all VoIP and broadband Internet traffic. From 2004 to 2007 there was a 62 percent growth in the number of wiretaps performed under CALEA – and more than 3,000 percent growth in interception of Internet data such as email."

    just another, earlier example of mission creep.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 16 Oct 2017 @ 6:29am

    When governments follow their own freedom of infomation laws, it might be possible to discuss government requirement to access citizens data. But otherwise all they are doing is creating an infomation disparity where they have all the information they need to control the citizens, while keeping the data the citizens need to control the government hidden behind official secrets and state security concerns, despite FOI laws.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 16 Oct 2017 @ 6:59am

    MyNameHere to the apologism defense in 3, 2, 1...

    link to this | view in thread ]

  7. icon
    Stephen T. Stone (profile), 16 Oct 2017 @ 7:13am

    I have a deal to offer the DOJ.

    You can have “responsible encryption” when you prove you can be “responsible” with it.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 16 Oct 2017 @ 7:21am

    both secure encryption and law enforcement-friendly encryption

    That's about as unobtainable as an educated, integer politician.

    link to this | view in thread ]

  9. icon
    ThatDevilTech (profile), 16 Oct 2017 @ 7:22am

    Here's a thought

    For all of the idiots that say "just do it" let's do it and put it on THEIR bank accounts and see how long before the accounts are wiped out. Encryption is important for so many day-to-day transactions and duties. Let's give them what they want but test it on their accounts first.

    Of course, when it fails, they'll say it wasn't done "right" but it was done exactly how they asked it to be done. They got what they wanted, but didn't like the results. Imagine that...

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 16 Oct 2017 @ 7:29am

    Re: integer politician

    _That's about as unobtainable as an educated, integer politician._

    You are looking in the wrong places, in northern Europe they are not that hard to find...

    link to this | view in thread ]

  11. identicon
    thkrqyV9DV76Bx2b, 16 Oct 2017 @ 7:30am

    Backdoors

    I know! Let's redesign all guns so that police have a capability of remotely disabling them!
    I feel safer already...

    link to this | view in thread ]

  12. identicon
    Christenson, 16 Oct 2017 @ 7:32am

    Encryption and Computers

    But...the real lesson of all these breaches is that computers are *terrible* at keeping secrets! The copying happens all too easily, and storage is ever cheaper!

    The expert that said he wanted his GPG crypto system to be able to *forget*, or at least disavow some of his youthful indiscretions had a point.

    link to this | view in thread ]

  13. icon
    Todd Shore (profile), 16 Oct 2017 @ 7:44am

    Poor Security from the Government

    I think it is important that the government be upfront on the real risks that they are facing. The "why" of why they are doing this. Countries are at real risk from outside influence and coordinated attack by outside state and possibly private actors. Effectively, the physical borders are gone and attach can happen at any level.
    I agree that responsible encryption is important. The responsibility is to thwart attack. The problem is that being blind to traffic is not the biggest threat to the government, it is penetration.
    If they expect that can work to a state where they can view all traffic, those days have gone. They need to focus on penetration and hardening and help companies, state and local governments, and citizens to harden openings in their communications such as firewalls, tunnels, and encryption as well as secure ways to harden accessing of those communications such as sandboxing and process filtering so that penetration isn't compromised by receipt of communications.
    That is the government's responsibility to the country, whatever country it may be. Ours isn't doing very well.
    It just allowed its key system to be compromised with the Equifax hack of the security through obscurity SSN method of identification. How long is that going to take to remediate
    vs. Esontia?
    If the US government feels the need to get with business to talk about encryption, it should always keep an eye to ensuring it is unbreakable and public. Public scrutiny is important for rooting out flaws.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 16 Oct 2017 @ 7:46am

    "responsible" defn

    adj trustworthy, mature

    Oops! Got the wrong word...

    link to this | view in thread ]

  15. icon
    Dave Cortright (profile), 16 Oct 2017 @ 7:49am

    I'll be in your base killing your dudes

    If you have a known back door, anyone who really wants to is going to get through it. So only the ill-informed or lazy would ever use it.

    Meanwhile, the rest of the world—which last I checked the US still does not control—will continue to use the real thing. So the US would essentially be putting themselves at a huge disadvantage.

    SMH

    link to this | view in thread ]

  16. icon
    Roger Strong (profile), 16 Oct 2017 @ 7:49am

    Re:

    It's not just the DOJ. It's every other government agency in every other country that will demand the backdoor. And make no mistake; it the US government has a backdoor, other governments will demand it too.

    Consider the Stinger cell phone mass surveillance devices, intended for intelligence and anti-terrorism work. Now more than a dozen federal agencies have them. And many state and local police forces in the US in Canada, Britain and elsewhere. There's a large list of private companies who will sell them to any totalitarian government who wants them.

    You won't just have to trust the DOJ; you'll have to trust ALL of the other agencies in ALL the other countries to keep that backdoor password a secret.

    link to this | view in thread ]

  17. icon
    Roger Strong (profile), 16 Oct 2017 @ 7:57am

    Reporter: How long until Rod Rosenstein cites Denuvo as an example of responsible, unbreakable encryption?

    Gamer: Go away.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 16 Oct 2017 @ 8:07am

    Re:

    "You can have “responsible encryption” when you prove you can be “responsible” with it."

    Clever, but impossible as there is no such thing.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 16 Oct 2017 @ 8:10am

    Re: Poor Security from the Government

    "I agree that responsible encryption is important."


    No such thing.

    link to this | view in thread ]

  20. identicon
    boomslang, 16 Oct 2017 @ 8:12am

    Larger issue

    "Allow me to conclude with this thought: There is no constitutional right to sell warrant-proof encryption."

    USA citizens live in a country where anything that is not forbidden by law is legal. We do not live in a country where we may only act in ways the law prescribes. This is so fundamental to the values of our country that no one who believes otherwise should be allowed to hold the post of deputy attoney general.

    link to this | view in thread ]

  21. identicon
    JeffR, 16 Oct 2017 @ 8:32am

    Just mandate the use of the Infineon libraries...

    All they need to do is mandate that everyone use the Infineon library to generate their keys.. like include it in a standard that you have to use to sell to government.. like say.. FIPS-140-2

    Oh, wait..

    https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-secu rity-keys-750k-estonian-ids/

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 16 Oct 2017 @ 8:32am

    If a back door is put in place, the security services will soon bypass the warrant requirement, so that they can spy on everybody more effectively.

    link to this | view in thread ]

  23. identicon
    Rich Kulawiec, 16 Oct 2017 @ 8:40am

    Re: Can someone give me an example???

    I'll second this. One of the principles that underpins the IETF is that we (collectively) believe in rough consensus and running code.

    So if Rosenstein (or anybody else) want to persuade us to take them seriously, then they need to put a reference implementation of their proposed cryptographic standard on the table for study and discussion.

    Put up or shut up.

    link to this | view in thread ]

  24. identicon
    David, 16 Oct 2017 @ 8:54am

    Oh, it fits.

    Well, you can't really have both secure encryption and law enforcement-friendly encryption.

    But that does not preclude you from getting a budget for it. Putting a round peg in a square hole just requires a big enough hydraulic press. Of course, afterwards neither the peg will be round nor the hole will be square. But that does not preclude you from writing a success report.

    link to this | view in thread ]

  25. icon
    Ryunosuke (profile), 16 Oct 2017 @ 8:56am

    Re: No need to pull punches

    like, you know, hacking elections, draining bank accounts, fucking up the stock markets, making the economy crash, releasing highly classified emails (Hillary Clinton anyone?)


    but but... We gotta stop those criminals from selling weed!

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 16 Oct 2017 @ 8:56am

    I think there is a misunderstanding of what is going on here. If encryption and strong security become widespread, and criminals are unable to steal from citizens then why would we need to send millions of dollars to the FBI to fight computer crime?

    After all, if the criminals can't get in then there would be no need, and when money is involved you can bet there will be disingenuous arguments to keep the flow going...

    link to this | view in thread ]

  27. identicon
    Rekrul, 16 Oct 2017 @ 9:12am

    What really pisses me off is how they all say things like "legal warrant" and "lawful access" with a straight face. If the government and law enforcement had bee using legal warrants and lawful access, people wouldn't be rushing to encrypt everything now.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 16 Oct 2017 @ 9:14am

    So is responsible transportation slashing your own tires?

    link to this | view in thread ]

  29. identicon
    boomslang, 16 Oct 2017 @ 9:16am

    Re:

    Don't forget about criminal entities trying to break into secured system. These are the real adversaries. I don't care what inflammatory things people say in TechDirt comments, but you're probably not being assigned a special FBI task force. You're more likely to be popped by a criminal than by law enforcement. The problem is that the latter scenario can be a bit more terrifying.

    link to this | view in thread ]

  30. identicon
    bshock, 16 Oct 2017 @ 9:25am

    This "warrant-proof encryption" nonsense reminds me of Traitor Diane Feinstein's insistence that no one had the right to keep any secrets from law enforcement. This in turn reminded me of how in the state Feinstein mis-represents (California, where I live) it's actually illegal to own bullet resistant clothing. So not only do the authoritarians believe that you should have no right to privacy, they also believe you have no right to continued existence. I can't help remembering that silly David Lynch version of "Dune," where everyone on the planet of the evil Harkonnen regime have heart-plug implants, apparently so that the authorities could rip them out to kill you on the slightest hint of transgression.

    Maybe the future U.S. will be gentler -- maybe they'll just require all of us to have "stun chip" implants, so our betters can press a button and stop us in our tracks if we become inconvenient.

    link to this | view in thread ]

  31. identicon
    christenson, 16 Oct 2017 @ 9:30am

    Re: Where to put the money

    IMHO, the place to put the millions is on how to return ownership of computers to their physical possessors...

    That is, research into how to make things like stuxnet impossible by design by bounding the behavior of software.

    Right now, God only knows where *else* this comment went besides just Techdirt!

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 16 Oct 2017 @ 9:36am

    Re:

    "When governments follow their own freedom of infomation laws, it might be possible to discuss government requirement to access citizens data."


    Non Sequitur.

    There is no requirement to pilfer thru everyone's stuff on some sort of highfalutin fishing expedition - but there is a requirement to keep the government "honest" ... (smirk)

    link to this | view in thread ]

  33. icon
    Groaker (profile), 16 Oct 2017 @ 9:40am

    Robert Heinlein once bespoke an apocryphal tale about the development of a flying horse. Line up all the horses, and push them over a cliff. Perhaps one will eventually fly.

    Our government is on a similar track with backdoors. Give a mathematician, computer scientist or other tech a week to come up with a backdoor, and should the individual fail, execute him. Perhaps one will eventually find a backdoor that only lets nice people in.

    link to this | view in thread ]

  34. identicon
    David, 16 Oct 2017 @ 10:02am

    Re: Re:

    > If the government and law enforcement had bee using legal warrants and lawful access, people wouldn't be rushing to encrypt everything now.

    Don't forget about criminal entities trying to break into secured system.

    You are being redundant.

    link to this | view in thread ]

  35. icon
    afn29129 (profile), 16 Oct 2017 @ 10:21am

    Re:

    Can this same technique be applied to politicians and bureaucrats like Rosenstein? :) Teach em to fly!

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 16 Oct 2017 @ 10:27am

    responsible encryption™

    is about the same as

    undocumented worker

    I love these word games... what? you hate it when they are used against you?

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 16 Oct 2017 @ 10:37am

    Re: Re:

    I said discuss, which is not the same as grant.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 16 Oct 2017 @ 10:53am

    Re: CALEA

    CALEA for VoIP hardly seems necessary. VoIP providers rarely mention anything about security, probably because most of them don't encrypt at all—even though "VOIP calls are vulnerable to a variety of threats that traditional telephone calls are not." (Some of them send call detail records in plaintext email too.)

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 16 Oct 2017 @ 11:07am

    Re: Re: Re:

    Oh, well that makes it ok then.

    link to this | view in thread ]

  40. identicon
    Tin-Foil-Hat, 16 Oct 2017 @ 11:32am

    Wrong

    There have always been obstacles and systems that prevented law enforcement obtaining information. For example, DNA analysis is a relatively recent technology for identifying and excluding suspects. Criminals are being brought to justice in cases decades old because of it. But what about the criminal that won't reveal the location of the drugs, money or body? Sticks, carrots and warrants are useless without cooperation. Although technology has provided a indispensable tool to crime fighters, like all technology it sometimes creates an obstacle. Does the constitution allow the government or its agents to use any means to their end? Does it allow preemptive access to the insides of our persons, homes and papers, lest one of us commit a crime in the future? What they are asking for not only provides access to current information but potentially years of cumulative information. These issues need to be addressed. The stakes are higher for the millions of law abiding citizens who are being asked to trade their privacy just in case one of them commits or is even suspected of committing a crime.

    link to this | view in thread ]

  41. identicon
    Tin-Foil-Hat, 16 Oct 2017 @ 11:40am

    Re: Larger issue

    You said it more succinctly than I could.

    link to this | view in thread ]

  42. icon
    Uriel-238 (profile), 16 Oct 2017 @ 12:49pm

    There are no such things...

    as impartial judges or, for that matter legitimate law enforcement needs.

    Even government agencies openly abuse their access to private data. And then they fail to secure that data from outside hackers.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 16 Oct 2017 @ 2:17pm

    James Comey alike: "Damn, this online banking login is perfectly secure. Without it, cybercriminals would hack it and steal all my money. Thank you, encryption! On the other hand, I wish the login page wasn't perfectly secure in order to keep my job at FBI. Fuck you, encryption!"

    link to this | view in thread ]

  44. identicon
    Personanongrata, 16 Oct 2017 @ 2:52pm

    Trust Me Not

    DOJ Continues Its Push For Encryption Backdoors With Even Worse Arguments

    Is this the same US government that can't even keep the data it has already been entrusted with secure?

    U.S. Office of Personnel Management in June 2015 with 21.5 million person data exposed for potential exploit.

    https://www.wired.com/2016/10/inside-cyberattack-shocked-us-government/

    U.S. Department of Veteran Affairs in May 2006 with 26.5 million veterans data exposed.

    https://identity.utexas.edu/veterans-and-active-service-personnel/the-veterans-affairs-data -breach-of-2006

    National Archives and Records Administration in October 2009 with 76 million persons data potentially exposed.

    https://www.forbes.com/2009/11/24/security-hackers-data-technology-cio-network-breaches.htm l

    U.S. Voter Database December 2015 with 191 million persons data potentially exposed

    http://uk.reuters.com/article/us-usa-voters-breach/database-of-191-million-u-s-voters-exposed-on-in ternet-researcher-idUKKBN0UB1E020151229

    Or the same US government (boondoggles R' US) that is repeatedly exploited every time it contracts building a new network or data base.

    Social Security spent $300M on 'IT boondoggle'

    http://www.foxnews.com/politics/2014/07/23/social-security-spent-300m-on-it-boondoggle.html

    The FBI's Upgrade That Wasn't

    http://www.washingtonpost.com/wp-dyn/content/article/2006/08/17/AR2006081701485.html

    IRS spends millions to upgrade to outdated version of Windows

    http://www.washingtontimes.com/news/2015/oct/15/golden-hammer-irs-spends-millions-to-upgrade -to-ob/

    link to this | view in thread ]

  45. icon
    Aaron Walkhouse (profile), 17 Oct 2017 @ 3:12am

    The only argument that shuts these guys up is this:

    Weaken encryption in the U.S. and all exports of software
    and network-related technology "made in U.S.A."will dry up.
    Everybody, Americans included, will shop elsewhere for tech.

    That's trillions of dollars in new trade deficits, hundreds
    of billions in lost profits to tech industries and tens of
    billions in lost taxes every year until a new administration
    undoes the damage and stops the bleeding.

    Arguing about security and rights of the American people has
    no effect on these clowns because they hold the public in
    contempt, and always will. ‌ Show them what effect their dumb-
    ass meddling will do to their billionaire friends and corporate
    backers and they'll quietly let the issue die off without ever
    having to admit why it was a stupid idea to start with.

    [Yes, I've said it before; and I'll say it again every time. ;]

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.