Latest DOJ WTFness: Encryption Is Like A Locked House That Won't Let Its Owners Back Inside
from the spare-the-Rod,-spoil-the-horse-carcass dept
Deputy Attorney General Rod Rosenstein continues his push for law enforcement-friendly broken encryption. The ultimate goal is the same but the arguments just keep getting worse. Trying to pitch worthless encryption (i.e., encryption easily compromised in response to government demands) as "responsible" encryption is only the beginning of Rosenstein's logical fallacies.
After a month-plus of bad analogies and false equivalents, Rosenstein has managed to top himself. The path to Rosenstein's slaughtering of a metaphor runs through such highlights as the DAG claiming device encryption is solely motivated by profits and that this is the first time in history law enforcement hasn't had access to all forms of evidence. It's an intellectually dishonest campaign against encryption, propelled by the incredibly incorrect belief that the Fourth Amendment was written to provide the government with access, rather than to protect citizens from their government.
In a long article by Cyrus Farivar discussing a recent interview given by Rosenstein, the Deputy Attorney General drops this abomination of an analogy:
"I favor strong encryption, because the stronger the encryption, the more secure data is against criminals who are trying to commit fraud," he explained. "And I'm in favor of that, because that means less business for us prosecuting cases of people who have stolen data and hacked into computer networks and done all sorts of damage. So I'm in favor of strong encryption."
"This is, obviously, a related issue, but it's distinct, which is, what about cases where people are using electronic media to commit crimes? Having access to those devices is going to be critical to have evidence that we can present in court to prove the crime. I understand why some people merge the issues. I understand that they're related. But I think logically, we have to look at these differently. People want to secure their houses, but they still need to get in and out. Same issue here."
It is nowhere near the "same issue." I sincerely hope DAG Rosenstein regrets every word of this statement.
Let's streamline the analogy: People want to protect the data on their phones. People still want to be able to access this data on their phones. In no case ever has encryption prevented people from accessing the data on their phones. Forgotten passcodes might, but that's like losing house keys. You might need outside assistance to get back in.
Rosenstein's analogy skips a step. It has to. There's no way this analogy can ever work couched in Rosenstein's anti-encryption statements. People lock their houses when they leave and unlock them with their keys when they get back. Rosenstein's analogy is completely baffling, given the context of his remarks. How does strong security prevent people from "entering" their devices? It doesn't and Rosenstein knows this. It only prevents people other than the device owner from doing so.
What he's actually talking about is government access, but he can't find a credible argument for weakening the strong encryption he just claimed he believed in. And he doesn't have the intellectual honesty to say what he really means. The "they" in "but they still need to get in and out" is meant to encompass law enforcement agencies. In the context of Rosenstein's anti-encryption argument, that's the only interpretation that makes any sort of sense. Otherwise, it's a non sequitur -- one that claims strong security is somehow capable of preventing home owners from coming and going as they please.
A boneheaded analogy like this is the only rhetorical option left. That's because what Rosenstein wants -- easily-compromised "strong" encryption (i.e., "responsible encryption") -- simply cannot exist. Impossible demands can only be justified by implausible arguments. Given the swift and steady deterioration of Rosenstein's rhetoric, it's probably time to put his "Dead Horses and the Men Who Beat Them" show on ice.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bad analogies, doj, encryption, going dark, responsible encryption, rod rosenstein
Reader Comments
Subscribe: RSS
View by: Time | Thread
Surely even the slightly tech-savvy can understand how this analogy doesn't work. If encryption worked like this, no one would or even could use it.
[ link to this | view in chronology ]
Re:
ha haa haaaahh aahahaaahaaaahhaaa
There are two problems here.
lack of understanding on behalf of the voters.
lack of integrity on behalf of the voted.
It would be nice for officials to understand things, the problem is that we do not require them to.
[ link to this | view in chronology ]
No no, this is setting the scene
I am sure those smart people in the lock industry could do that if they nerded harder, they are just being stubborn.
[ link to this | view in chronology ]
Explanation
"What's mine is mine and what's yours is mine too. Therefore I'm entitled to your key and to use it for any old reason."
QED, etc. :\
[ link to this | view in chronology ]
Does anyone take this seriously?
[ link to this | view in chronology ]
Re: Does anyone take this seriously?
Millions of Americans, and others around the world, listen seriously to the words of the President of the United States. They do listen. Very seriously.
Sad.
Anyhow, in comparison to the President, and in comparison to the Attorney General, Jefferson Beauregard Sessions III — in comparison, their subordinate at DoJ, Deputy Attorney General Rod Rosenstein, is just not quite exactly as serious.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Heisenberg's encryption principle
[ link to this | view in chronology ]
Re: Heisenberg's encryption principle
[ link to this | view in chronology ]
... no, that is still not rain.
A boneheaded analogy like this is the only rhetorical option left.
It's not 'boneheaded', it's dishonest. Deliberately misleading and dishonest.
In one paragraph he proclaims that strong encryption is important and that he is in favor of it, yet the very next paragraph he throws out an example wherein he portrays strong encryption as a bad thing because it keeps certain people out, an example that only works if(as noted in the article) the 'they' in his statement are a different party than the 'homeowner' in his example.
It's very clear that he does not actually believe in 'strong encryption' in any real sense of the term, and the least he could do is be honest about it. Admit flat out that he's okay with weakening encryption, that it's a price he's willing to have the public pay in order to ensure unprecedented access to information that working encryption could prevent. It would still be a dangerously stupid idea for someone in his position to be pushing, but at least it would be an honestly presented dangerously stupid idea.
[ link to this | view in chronology ]
How Much Rod can You Handle?
Deputy Attorney General Rod Rosenstein continues his push for law enforcement-friendly broken encryption.
Would someone please explain to Rod Rosenstein the first law of holes is to stop digging.
[ link to this | view in chronology ]
Man, one has to explain the simplest things to you:
That's a perfect analogy. Because it spells out the new world order. If you buy a smartphone, you think it is yours. But if you look at the small print, you cannot help but feeling that the manufacturer thinks it's still theirs.
But you still need to have your personal data registered to get it because, make no mistake, the government considers it theirs. Or maybe they consider you its property, and as a slave your possessions are actually theirs.
I mean, take a look at civil asset forfeiture. That makes only sense once you are considered a government slave, otherwise your property could not just be taken without due process.
[ link to this | view in chronology ]
YOU WOULDN'T DOWNLOAD A CAR
So you shouldn't reliably secure your data.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Don't forget Burrr
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
https://www.indybay.org/uploads/2015/12/10/feinstein_corruption_1.2.pdf
[ link to this | view in chronology ]
I will grant him this one BUT... only in as much as that after Snowden, the world took a hard look at how strong our encryption actually is, and who is accessing it, and for what reasons.
This is what happens when you put backdoors in stuff.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Yes DOJ, Lead By Example
Then after a couple of years they will have the ideal example. (For the non-existence of cyber-unicorns)
[ link to this | view in chronology ]
It's not that boneheaded an analogy. The lock is the encryption in this case. Now imagine we redesign door locks to accept a master key that "only LEO has a copy of". LEOs join the force, LEOs leave the force. The wrong people retain or gain access to those master keys and suddenly every house in America has to have the locks changed.
It's a pretty apt analogy imo.
[ link to this | view in chronology ]
Response to: Anonymous Coward on Nov 14th, 2017 @ 12:47pm
[ link to this | view in chronology ]
Goose and Gander
[ link to this | view in chronology ]
Amazon Key allows people to unlock their doors remotely.
I imagine that'll be the FBI's next target - so they can have literal backdoor access to people's homes too.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
LOLS
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Considering most Encryption software is written outside of the U.S., they have very little to ZERO control over most Encryption software made. Those smart enough will use it.
[ link to this | view in chronology ]
Re: Re:
Unless the governments are spying on everyone's phone in real time, completely bypassing encryption, giving access to that phone, might stop a terrorist or murderer. No one in their right mind would want to grand a government that kind of power.
[ link to this | view in chronology ]
reenscproynpstiibolne
In terms of topping the boneheadedness, this reminds of Dilbert's Topper, but this can become its own new character - DAGbert.
[ link to this | view in chronology ]
Newspeak
They want to be able to effortlessly spy on our activities and punish as many people as possible for any transgression of our gazillion laws no matter how petty. Of course they'll claim it's for the fraction of a percent of cases that involve children or terrorism.
They should be considered an enemy of the people until they're obligated to obey the same laws we are and operate as transparently as they demand we do. They should obey the spirit of the law, not look for loopholes to cast a wider net. They violate our trust and instead of earning it back they use fear tactics and propaganda to manipulate congress.
You want easy access to millions of devices just in case? Too bad.
[ link to this | view in chronology ]
I can accept the analogy
[ link to this | view in chronology ]
Re: I can accept the analogy
[ link to this | view in chronology ]
Re: Re: I can accept the analogy
... along with an undisclosed number of 'friends'. But no worries, they're totally trustworthy and would never abuse the key, or leave it where someone who might not be quite as trustworthy might get their hands on it. Promise.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Not a new idea, but maybe more succinct...
[ link to this | view in chronology ]
Responsible encryption isn't giving the keys to criminals and spooks.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
We can use his analogy
"I want the government to have skeleton keys to every house in the country, no matter how secure. The government promises never to use the keys without judicial oversight and a proper warrant. And they also promise that nobody else in the world will be able to sneak into the keystore and take a key." ... like that won't happen!
[ link to this | view in chronology ]
More accurate version of the analogy
[ link to this | view in chronology ]
Re: More accurate version of the analogy
If he were trying to say it's to keep the government out of their houses,
A) He probably wouldn't get much support for this idea
B) Comparing a secured physical location with encrypted information is specious
[ link to this | view in chronology ]
[ link to this | view in chronology ]