FBI Says Device Encryption Is 'Evil' And A Threat To Public Safety

from the thanks,-g-men.-we'll-take-it-under-advisement. dept

The FBI continues its anti-encryption push. It's now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn't taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he's no longer the only FBI employee willing to speak up on the issue.

Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

The Federal Bureau of Investigation was unable to access data from nearly 7,800 devices in the fiscal year that ended Sept. 30 with technical tools despite possessing proper legal authority to pry them open, a growing figure that impacts every area of the agency's work, Wray said during a speech at a cyber security conference in New York.

The FBI has been unable to access data in more than half of the devices that it tried to unlock due to encryption, Wray added.

"This is an urgent public safety issue," Wray added, while saying that a solution is "not so clear cut."

The solution is clear cut, even if it's not workable. What Wray wants is breakable encryption. And he wants companies to do the work and shoulder the blame. Wray wants to be able to show up at Apple's door with a warrant and walk away with the contents of someone's phone. How that's accomplished isn't really his problem. And he's not intellectually honest enough to own the collateral damage backdoored encryption would cause. But that's how Wray operates. He disparages companies, claiming encryption is all about profit and the government is all about caring deeply for public safety. Both statements are dishonest.

But Wray isn't the only FBI employee taking the move to default encryption personally. And the others commenting are taking the rhetoric even further, moving towards personal attacks.

On Wednesday, at the the International Conference on Cyber Security in Manhattan, FBI forensic expert Stephen Flatley lashed out at Apple, calling the company “jerks,” and “evil geniuses” for making his and his colleagues' investigative work harder. For example, Flatley complained that Apple recently made password guesses slower, changing the hash iterations from 10,000 to 10,000,000.

That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried.

[...]

“At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff."

This is great. Apple is now an "evil genius" because it made stolen iPhones pretty much useless to thieves. Sure, the device can be sold but no one's going to be able to drain a bank account or harvest a wealth of personal information. This was arguably in response to law enforcement (like the FBI!) complaining cellphone makers like Apple were assholes because they did so little to protect users from device theft. And why should they, these greedy bastards? Someone's phone gets stolen and the phone manufacturer now has a repeat customer.

Encryption gets better and better, limiting the usefulness of stolen devices and now Apple is an "evil genius" engaged in little more than playing keepaway with device contents. Go figure.

The FBI's phone hacker did have some praise for at least one tech company: Cellebrite. The Israeli hackers were rumored to have helped the FBI get into San Bernardino shooter Syed Farook's phone after a failed courtroom showdown with Apple. The FBI ended up with nothing -- no evidence on the phone and no court precedent forcing companies to hack away at their own devices anytime the government cites the 1789 All Writs Act.

Now we're supposed to believe device makers are the villains and the nation's top law enforcement agency is filled with unsung heroes just trying to protect the public from greedy phone profiteers. I don't think anyone believes that narrative, possibly not even those trying to push it.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: chris wray, encryption, fbi, going dark, stephen flatley
Companies: apple


Reader Comments

The First Word

With 'friends' like these...

The Federal Bureau of Investigation was unable to access data from nearly 7,800 devices in the fiscal year that ended Sept. 30 with technical tools despite possessing proper legal authority to pry them open, a growing figure that impacts every area of the agency's work, Wray said during a speech at a cyber security conference in New York.

Meanwhile I feel very safe in assuming that effective, working encryption has protected vastly more than 7,800 devices from various criminals, protecting people from having personal and/or valuable information stolen in addition to having their property stolen, but of course the FBI would rather overlook that little tidbit.

The FBI has been unable to access data in more than half of the devices that it tried to unlock due to encryption, Wray added.

Which completely killed the relevant cases, because the only evidence they had was located on the devices, right? The only thing standing between them and a conviction was access to a particular device, rather than say it possibly making the cases/investigations easier?

"This is an urgent public safety issue," Wray added, while saying that a solution is "not so clear cut."

He's partially correct, but not in the way he means. Having the FBI and other government agencies attacking a critical security feature that millions depend on is most certainly an 'urgent public safety issue', however it's not caused by the tech companies, but rather by him and others like him.

As for the second half the solution is in fact very 'clear cut', and is extremely simple:

Stop attacking the security millions depend on to protect themselves.

Stop trying to vilify an extremely important security measure simply because you don't like the fact that you can't get access to everything simply by demanding it.

Stop trying to hand the public to criminals country-wide by making their personal devices vastly less secure.

In short: Stop trying to make the 'job' of criminals easier just because it would make fulfilling your desires easier too.

—That One Guy

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 12 Jan 2018 @ 3:35am

    News Flash: "FBI Says Whispering is Evil and Everyone must speak loudly into the microphone"

    link to this | view in thread ]

  2. identicon
    Ryu, 12 Jan 2018 @ 3:39am

    Encryption for me not for thee

    Such typical rhetoric,is tiring.They would think differently if Russia or some adversarial countries hacking into unsecured networks.Such hypocrisy is astounding.

    link to this | view in thread ]

  3. identicon
    Yes, I know I'm commenting anonymously, 12 Jan 2018 @ 3:54am

    Truth is Optional

    As is honesty.
    The only thing that matters to corrupt officials is the wishes of their `owners'.
    Just as they're not willing to call a backdoor a backdoor, they're not willing to admit their push for "New Slavery".

    link to this | view in thread ]

  4. icon
    That One Guy (profile), 12 Jan 2018 @ 4:09am

    With 'friends' like these...

    The Federal Bureau of Investigation was unable to access data from nearly 7,800 devices in the fiscal year that ended Sept. 30 with technical tools despite possessing proper legal authority to pry them open, a growing figure that impacts every area of the agency's work, Wray said during a speech at a cyber security conference in New York.

    Meanwhile I feel very safe in assuming that effective, working encryption has protected vastly more than 7,800 devices from various criminals, protecting people from having personal and/or valuable information stolen in addition to having their property stolen, but of course the FBI would rather overlook that little tidbit.

    The FBI has been unable to access data in more than half of the devices that it tried to unlock due to encryption, Wray added.

    Which completely killed the relevant cases, because the only evidence they had was located on the devices, right? The only thing standing between them and a conviction was access to a particular device, rather than say it possibly making the cases/investigations easier?

    "This is an urgent public safety issue," Wray added, while saying that a solution is "not so clear cut."

    He's partially correct, but not in the way he means. Having the FBI and other government agencies attacking a critical security feature that millions depend on is most certainly an 'urgent public safety issue', however it's not caused by the tech companies, but rather by him and others like him.

    As for the second half the solution is in fact very 'clear cut', and is extremely simple:

    Stop attacking the security millions depend on to protect themselves.

    Stop trying to vilify an extremely important security measure simply because you don't like the fact that you can't get access to everything simply by demanding it.

    Stop trying to hand the public to criminals country-wide by making their personal devices vastly less secure.

    In short: Stop trying to make the 'job' of criminals easier just because it would make fulfilling your desires easier too.

    link to this | view in thread ]

  5. icon
    Ninja (profile), 12 Jan 2018 @ 4:32am

    "Now we're supposed to believe device makers are the villains and the nation's top law enforcement agency is filled with unsung heroes just trying to protect the public from greedy phone profiteers."

    Hmm.. I actually think law enforcement has greatly overstepped its authority and acts generally like a bunch of voyeur thugs in a criminal gang towards citizens that are lucky if they don't come out of the interaction dead.

    Sadly.

    link to this | view in thread ]

  6. icon
    Richard (profile), 12 Jan 2018 @ 4:34am

    Re: With 'friends' like these...

    Stop trying to make the 'job' of criminals easier just because it would make fulfilling your desires easier too.

    Except that it wouldn't do even that. The existence of secure encryption depends on the laws of mathematics not the policies of Apple. Even if Apple only offered backdoored encryption serious criminals would still be able to deploy their own encryption. Only the low hanging fruit would be affected - and they usually leave plenty of other evidence to work with.

    As for San Bernardino - well the two main perpetrators were already dead, and it has been shown time and again that these Islamic plots don't depend on sophisticated support networks. So why bother? There was nothing that the FBI could have "cracked" and this was baltantly obvious from the very start.

    These attacks are triggered by information which is propagated in plain sight via the various Islamic scriptures. The way to combat them it to take on the ideology in the public square.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 12 Jan 2018 @ 4:42am

    "Bad guys", "evil", "terrorism", "terrorism"... empty words.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 12 Jan 2018 @ 4:43am

    Re:

    *"terrorists"

    link to this | view in thread ]

  9. icon
    That One Guy (profile), 12 Jan 2018 @ 4:59am

    Re: Re: With 'friends' like these...

    Except that it wouldn't do even that.

    Ah, but you see that's where the distinction between 'job' and 'desire' comes into play, and it's why I used the latter rather than the former. Crippling encryption would make their desire to be able to access any device simply by issuing a demand for access vastly easier, however it would make their jobs much harder by causing an absolute explosion of crime thanks to said crippled encryption.

    Their desires are in conflict with their jobs, but they are aligned with the desires of enormous amounts of criminals who have got to be positively salivating over the idea of millions of people forced to use broken encryption.

    link to this | view in thread ]

  10. icon
    PaulT (profile), 12 Jan 2018 @ 5:12am

    "at what point is it to thwart law enforcement?"

    At the point where there are more law enforcement agents blocked than criminals who are stopped by the technology.

    Since, at present levels, that would require an astounding number of new federal employees, I think we're safe in saying that we're not at that point just yet.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 12 Jan 2018 @ 5:39am

    Replace encryption and guns and there would be a revolution.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 12 Jan 2018 @ 6:32am

    How very cabal news

    'Apple is now an "evil genius"'

    Sounds like you should go to these conferences, or watch them on youtube. It would seem you don't grok wise-ass-ease.

    While I totally disagree with the FBIs position on the subject, the article appears to conflate a technical discussion with a political one. In a technical context, the comment is a compliment.

    Which is to say that you've very likely strayed into the typical misconstrued-quoting practices common to institutions that are generally regarded with contempt in these waters. In the future please check your trim before takeoff.

    TIA

    link to this | view in thread ]

  13. icon
    sciamiko (profile), 12 Jan 2018 @ 6:48am

    "despite possessing proper legal authority"

    If they have legal authority, why not serve the warrant on the owner instead of trying to go behind his back?

    If they are investigating the owner's murder, then he should have left his password with his will. If he didn't then it is his own fault his family might not see justice.

    link to this | view in thread ]

  14. icon
    Jeremy Lyman (profile), 12 Jan 2018 @ 6:51am

    Face It

    I thought using everyone's publicly viewable, and 4th amendment exempt, face as their password was Apple's concession to making encryption law-enforcement friendly.

    link to this | view in thread ]

  15. icon
    JoeCool (profile), 12 Jan 2018 @ 6:58am

    Re:

    Then the FBI lambasted the glove industry for enabling criminals to commit crimes without leaving fingerprints. The evil geniuses of the glove cartel are making the jobs of police everywhere much more difficult, and should be forced to work on gloves that leave fingerprints when used to commit crimes.

    /s

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 12 Jan 2018 @ 7:01am

    Re: How very cabal news

    No, I think you don't grok the context. He called Apple a bunch of jerks for implementing better encryption and security, praised Cellebrite, and called Apple a bunch of evil geniuses. Yes, in some contexts calling a giant tech company a bunch of evil geniuses could be a compliment, but not here. Not coming from an FBI representative talking about how terrible it is that they can't get into any old iPhone they happen to nab from suspected criminals and/or victims.

    Our trim is fine, how's yours?

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 12 Jan 2018 @ 7:03am

    Re:

    Nah, Americans are cowards. Greedy, spineless cowards.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Jan 2018 @ 7:06am

    Re: Face It

    No, that's Apple being jaded and stupid. I can understand where the confusion could arise, though...Difficult to tell them apart in Cupertino lately.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 12 Jan 2018 @ 7:07am

    I would submit that at this point the FBI itself is "evil" and a threat to public safety.

    link to this | view in thread ]

  20. icon
    John85851 (profile), 12 Jan 2018 @ 7:07am

    Let the FBI test this idea

    If encryption is really so bad, then why doesn't the FBI test this idea and lead by example: from now on, they should 100% unencrypted cellphones, e-mails, and other communications. If no data is stolen and no one loses anything, then we'll slowly roll it out to the rest of the country.

    link to this | view in thread ]

  21. icon
    Richard (profile), 12 Jan 2018 @ 7:08am

    Re: Re: Re: With 'friends' like these...

    I still think that it wouldn't really satisfy their desires - but I'll concede that it it would satisfy what they currently believe their desires to be.

    In other words it's what they currently think that they want - but if they got it they would quickly realise that it isn't what they actually want.

    link to this | view in thread ]

  22. icon
    Éibhear (profile), 12 Jan 2018 @ 7:09am

    Geniuses

    FBI seems to struggle with all types of geniuses. Evil, stable, etc.

    link to this | view in thread ]

  23. icon
    Anonymous Anonymous Coward (profile), 12 Jan 2018 @ 7:29am

    Re: Re: Re: Re: With 'friends' like these...

    Which is how they apply the thumb screws. Get a little now, decry that satisfaction was achieved, get a little more, claim no satisfaction, go after some more, totally unsatisfying. And bit by bit the tree of liberty is put through the wood chipper.

    link to this | view in thread ]

  24. identicon
    Dingledore the Previously Impervious, 12 Jan 2018 @ 7:32am

    Next they'll be ...

    requiring that all asteroids must be divertable.

    link to this | view in thread ]

  25. icon
    Anonymous Anonymous Coward (profile), 12 Jan 2018 @ 7:41am

    Re: Next they'll be ...

    Nah. They are more reasonable than that. They will only require divert-ability on man made asteroids, that is until the vectoring thrusters fail or run out of fuel, then it will be 'oh well', who could have foreseen that?

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 12 Jan 2018 @ 8:10am

    Re: Face It

    No, that was Apple's "Shit, we can't get TouchID to work behind glass like we wanted" plan B.

    link to this | view in thread ]

  27. identicon
    Pixelation, 12 Jan 2018 @ 8:26am

    Might have to get off their asses

    Unfortunately for the FBI, encryption forces them to do their job and Investigate.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 12 Jan 2018 @ 8:27am

    Re: Re:

    I think you will find that just about every nation has those.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 12 Jan 2018 @ 8:35am

    "The FBI has been unable to access data in more than half of the devices that it tried to unlock due to encryption"

    what it fails to enumerate is the cumber of convictions they failed to obtain solely and only because they could not gain access

    Two very different requirements at work here, . . . . "want" and "need"

    link to this | view in thread ]

  30. icon
    lars626 (profile), 12 Jan 2018 @ 8:42am

    They need help.

    The FBI should simply ask their friends over at the NSA for help.

    The NSA has some smart people. If it were possible to build a secure system that had a Workable access when warranted they should be able to create it. It would need to be vetted by multiple outside parties (any and everybody). Then they wouldn't need to always whine that the tech companies should 'nerd harder'.

    If that were to happen all the serious 'bad guys' would simply use another system developed outside the U.S. So sad FBI, it is not happening. There is a word for when the wishes of the government override the will of the people; that word is NAZI.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 12 Jan 2018 @ 8:51am

    Wonder how Stephen Flatley will feel.....

    I wonder if his mind will change when his unencrypted device is lost and found by criminals who use his personal information to wipe out his bank accounts, 401k and file for his tax return before he does.

    Or is it OK for him to use encryption to protect himself but not OK for me to do the same?

    link to this | view in thread ]

  32. icon
    PaulT (profile), 12 Jan 2018 @ 8:52am

    Re:

    "what it fails to enumerate is the cumber of convictions they failed to obtain solely and only because they could not gain access"

    Also, the number of devices they were able to access that contained data vital to secure a conviction that they would not have been able to obtain otherwise. Like the arguments about torture, etc., they tend to be very light on those sorts of details, because they know it will not show the result they claim to need these powers for.

    link to this | view in thread ]

  33. identicon
    Remember John Walker?, 12 Jan 2018 @ 8:56am

    Evil Is As Evil Does

    Evil also manifests as no-knock, flashbang, assaults on pets, children, and the murder of innocents unaware of sniper killers (ala Ruby Ridge), and sting operations against the mentally impaired and shutting down entire cities while sacrificing their own operatives in "drills" gone live, etc., etc.

    link to this | view in thread ]

  34. identicon
    Anonymous Coward, 12 Jan 2018 @ 8:59am

    Re: Re: How very cabal news

    Clearly you've not been to one of these things either.

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:01am

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -- Benjamin Franklin

    He was supposedly speaking to the Pennsylvania legislature over a tax issue at the time, but the quote is still as appropriate for this debate as it is over the ability to tax.

    The FBI would have us give up our Fourth and Fifth Amendment rights to gain a little security only to have given up our privacy and security from a government that has no right to invade citizen privacy at will regardless of "having nothing to hide." Down that road lies totalitarianism and that's exactly what Franklin was warning people over.

    Apple's also in an unenviable position here. If they start bypassing encryption on their own devices at any government's whim they've destroyed their customer's trust. People will stop buying their phones. Sure enough if Apple can do it, anyone else will know there's a way and will find it. Apple's primary revenue is in their phone business, they don't want to jeopardize that.

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:09am

    Chris Wray,

    Possessing proper legal authority to pry open a device is not an authority that entitles you to the existence of devices you can pry open. Sorry Chris, you'll just have to stew in your juice again.

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:11am

    Re: Re: Re: How very cabal news

    I don't have to to know he was NOT handing out a compliment.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:13am

    The FBI is taking money directly from Apple themselves straight into Christopher Wray's personal bank account and the banks of other agents to "complain" how hard Apple is to crack as a form of 'security publicity'.

    Cheap and Sleazy, the FBI has been in the pockets of private businesses and not serving the US for a LONG time.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:18am

    Re:

    "7,800 devices",

    It would be interesting to know how many of those are duplicates. (multiple devices per case), as well as how many resulted in contempt of court citations.

    7800 is small enough to collate in a spread sheet. Frankly I think making such a declaration was a mistake. Nationally it really isn't that big of a number. And if they are pissed about 7800 units, they are going to go completely batshit about what is coming down the pike.

    Hard crypto is going to be the rule, not the exception.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 12 Jan 2018 @ 9:30am

    Re: Re: Re: Re: How very cabal news

    Ah. So you are able to clearly contextualize a blurb spoken from a podium a thousand miles away, amidst a cacophony of discussion by hundreds of engineers.

    You skills of deduction exceed mine sir. Perhaps you should like to hire yourself out reading tea leaves?

    Again, I totally disagree with the FBI. But I don't presume to posit an opinion on the state of all medical matters after hearing one doctor fart in a coat closet. And the difference between the two, is what makes the difference between real journalism, and cabal news.

    link to this | view in thread ]

  41. icon
    Seegras (profile), 12 Jan 2018 @ 9:32am

    Re: With 'friends' like these...

    It's what happens when your business is "catching criminals" and not "protecting people".

    The FBI is interested in catching as many criminals as possible, therefore these criminals must have victims, and anything that protects people from being victims leads to no criminals the FBI can arrest.

    This only sounds half bad if it's about encryption, but as it happens, the same happens with child abuse -- the FBI is actually interested in children being victims to abuse, just to arrest the perpetrators.

    Something has gone very, very wrong with the FBI.

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 12 Jan 2018 @ 10:11am

    Re: Re: Re: Re: Re: How very cabal news

    When that blurb is preceded and followed by statements calling Apple a bunch of jerks for making it even harder to hack their products and praising the company Cellebrite that actively works to hack Apple's and other companies' products, then yes, I think I've got a pretty clear context.

    Plus, then there's the full 'evil genius' statement:

    “At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff."

    He is directly implying that Apple is actively working to thwart law enforcement (good guys) thereby making Apple 'evil geniuses' (bad guys).

    What other possible context could there be???????????

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 12 Jan 2018 @ 10:36am

    Re:

    Hail Hydra!

    link to this | view in thread ]

  44. icon
    Roger Strong (profile), 12 Jan 2018 @ 10:37am

    Re: Face It

    Apple already had Touch ID. The police could simply hold your finger to the sensor.

    You can ignore Face ID and continue to use a password just like you could with Touch ID.

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 12 Jan 2018 @ 1:47pm

    How Bondian, James Bondian

    "Apple is pretty good at evil genius stuff."

    Don't you hate all this fake mutual admiration from an evil, federal, government agency towards an evil, giant, international corporation? We know the evil gov't agency just wants to make itself look better, if it ever finally manages to defeat the evil corporation. Also helps convince legislators (evil and otherwise alike) to provide additional funding for the evil agency to fight the overwhelmingly über-rich, evil corporation.

    link to this | view in thread ]

  46. identicon
    Personanongrata, 12 Jan 2018 @ 1:57pm

    Tax-Feeding Nincompoops, Data Encryption Algorithms and You

    “At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff."

    FBI Director Wrong Wray and FBI forensic expert Stephen Flatley are two petty authoritarian tax-feeders blinded by power and hubris.

    FBI claims it has 7,800 encrypted devices that can not be accessed.

    How many billions of encrypted devices have protected their users from everyday criminal attempts to exploit private/sensitive information?

    How many US citizens have had private/sensitive data, that was stored on US government servers, exploited because of improperly secured devices?

    Hacking of Government Computers Exposed 21.5 Million People

    https://www.nytimes.com/2015/07/10/us/office-of-personnel-management-hackers-got-data-of-mill ions.html

    List of hacked government agencies grows: State Department, White House, NOAA & USPS

    https://www.computerworld.com/article/2848779/list-of-hacked-government-agencies-grows-state-de partment-white-house-noaa-and-usps.html

    Continued Federal Cyber Breaches in 2015

    http://www.heritage.org/cybersecurity/report/continued-federal-cyber-breaches-2015

    SEC's Hacking Increases Worries About Vulnerabilities Across U.S. Government

    http://fortune.com/2017/09/21/sec-hacking-vulnerabilities-u-s-government/

    Federal government notifies 21 states of election hacking

    https://apnews.com/cb8a753a9b0948589cc372a3c037a567

    Federal Reserve Hacked More Than 50 Times In 4 Years

    https://www.huffingtonpost.com/entry/hackers-breach-federal-reserve-50-times_us_574ee0d5e4b075 7eaeb1194c

    Thales: 34% of U.S. Federal Government Agencies Experienced Data Breach in Last Year

    The list of US government data being exploited by hackers is mighty long.

    The italicized/bold text examples above show the frequency of US government failures to safe guard data that was entrusted to it's incompetent care.

    Dear Wrong Wray when you and your minions continuously make public pronouncements regarding law enforcement's wet dream of weakening of data encryption algorithms while at the same time not being able to secure the data already in the US governments possession makes you sound and look like a tax-feeding know-nothing nincompoop.

    Congratulations!

    link to this | view in thread ]

  47. icon
    Lord_Unseen (profile), 12 Jan 2018 @ 2:02pm

    Re:

    "Pay no mind to the black, unmarked SUV following you at all times."

    link to this | view in thread ]

  48. identicon
    philnc, 12 Jan 2018 @ 2:26pm

    Re: With 'friends' like these...

    One more for your list:

    Start... doing your damned job and put the criminal gangs, and their paymasters (who might turn out to be the leaders of certain 3-letter US government agencies) out of business. Millions of taxpayers' private records lost in the last decade with crippling financial consequences for some, and you've got the nerve to whine about encryption? You know, on second thought, why don't you just look for another job?

    link to this | view in thread ]

  49. identicon
    Lawrence D’Oliveiro, 12 Jan 2018 @ 2:39pm

    Re: Replace encryption and guns and there would be a revolution.

    Wow, just 136 minutes before someone tried to draw a parallel with guns ...

    link to this | view in thread ]

  50. icon
    Uriel-238 (profile), 12 Jan 2018 @ 3:54pm

    You first, fed.

    The government (which is to say practically all departments) over classify and intentionally obstruct FOIA requests. They act to prevent public oversight and they like to keep it that way.

    Once we establish thorough public oversight of our state's departments at every level, and all things that are not current operational secrets, are transparent and easily accessible to an American citizen Then and not one day sooner should we talking about making private entities more transparent to the government. The government in general and the FBI specifically are completely corrupt, and we have no reason to trust them with private information, even when they threaten to beat it out of us (which they will).

    So, no. The feds can have my encryption codes and my private files when it figures out how to pry them from my cold dead brain.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 13 Jan 2018 @ 6:09am

    Toto toilets are evil

    The evil geniuses at Toto enable crooks to flush evidence every day.

    “At what point is it just trying to one up things and at what point is it to thwart law enforcement?"

    link to this | view in thread ]

  52. icon
    orbitalinsertion (profile), 13 Jan 2018 @ 6:59am

    Re: Re: Re: Re: Re: With 'friends' like these...

    This, exactly.

    link to this | view in thread ]

  53. icon
    orbitalinsertion (profile), 13 Jan 2018 @ 7:10am

    At what point do they thank tech companies for getting people to put so much personal information in one or two devices in the first place, and storing it in the warrant-accessible cloud, and transmitting over far more capturable media than whispering in the park or making phone calls from unforeseen locations?

    I think the few phones they can't crack is hardly an issue. That they make it one belies their true intents, mainly the grab for more more power (encryption, then the next thing, then the next), and having something to harp on repeatedly to use as an excuse for their next failure to stop some sort of incident (whether it is something reasonably stop-able or not).

    Funny i never see complaints about encrypted desktops and laptops.

    link to this | view in thread ]

  54. icon
    orbitalinsertion (profile), 13 Jan 2018 @ 7:16am

    Re:

    The FBI would have us give up our Fourth and Fifth Amendment rights to gain a little security

    Except it never provides even a little more security.

    (In their universe, however, 10 people die every day for every phone they can't unlock or contents they can't decrypt. Still waiting for that claim...)

    link to this | view in thread ]

  55. icon
    trollificus (profile), 13 Jan 2018 @ 3:11pm

    Re: Might have to get off their asses

    And, correct me if I'm wrong...but wasn't the FBI able to solve cases WITHOUT information from cell phones "back in the day"?? I mean, in the 40s they solved crime without access to everyones' text messages, and in the 30s they were able to go after gangsters without their voicemails, and in the 60s they broke criminal cases without having every suspects emails..maybe they could try and figure out how THAT was done, and, you know, emulate those procedures?

    link to this | view in thread ]

  56. icon
    trollificus (profile), 13 Jan 2018 @ 3:13pm

    Re:

    Well, if they're just throwing up their hands and saying "Fuck it. We can't get into this phone. Let the guy go." then yeah, they will have demonstrated that there is a problem. But, once again, not the one they think.

    link to this | view in thread ]

  57. identicon
    Anonymous Coward, 13 Jan 2018 @ 8:20pm

    Re: Re:

    Ahh, I wondered what those fingerless gloves were for.

    link to this | view in thread ]

  58. icon
    Sayonara Felicia-San (profile), 13 Jan 2018 @ 10:00pm

    It's DejaVu All Over Again...

    Haven't we been here before?

    Didn't they (the NSA I believe) outlaw certain encryption standards back in the late 90's early Millennium?

    That was a completely pointless endeavor and only spurred the creation of better encryption.

    link to this | view in thread ]

  59. icon
    Sayonara Felicia-San (profile), 13 Jan 2018 @ 10:03pm

    Re:

    Probably because unlike a cellphone, you can't effectively isolate a computer from all potential threat vectors as effectively.

    link to this | view in thread ]

  60. identicon
    AnonCow, 14 Jan 2018 @ 3:42pm

    I'm fine with having the same level of encryption that the FBI uses for its devices. The same threat actors trying to penetrate their devices are probably trying to hack my device too, so it makes sense we would use comparable levels of encryption.

    Right?

    link to this | view in thread ]

  61. identicon
    anon, 18 Jan 2018 @ 9:42am

    Re: Re: Replace encryption and guns and there would be a revolution.

    I'm not sure the op intended a parallel as much as commenting on American sensibilities.

    Also guns are tools of destruction yes so is dynamite and chainsaws. Destruction can be useful for certain purposes. Just because one could use a gun or a power drill to hurt someone doesn't mean one will. They are tools and I would think the issue is the people using the tool as apposed to the tool itself.

    link to this | view in thread ]

  62. icon
    Uriel-238 (profile), 18 Jan 2018 @ 11:47am

    The Parallel between Guns and Encryption

    Both are tools that, in the hands of the public, empower it against the state.

    The FBI won't say that disarming the public would serve its interest in preserving the current regime, but plenty of law enforcement have said exactly that.

    FBI's fear over encryption is that it would facilitate organization of resistance even when that resistance becomes a threat, and while a lone gunman isn't a real threat to law enforcement, a company of militia are. (And yes, some organized militia exist in the US.)

    Incidentally, guns occupy the same spot, whether we call them tools or weapons. Our constitutional framers didn't specify guns but general arms that is, weapons, knowing that even firearms may someday become obsolete. The point is the public cannot trust the state to keep something that the public is forbidden from having, including bioagents and nukes.

    (Which is a good reason, incidentally, for the military to stop making bioagents and nukes, and yet they still do.)

    And yes, you can argue that the people are not mature enough to be trusted with guns. But the same is true for the police and the military. Frankly, we can't be trusted with the responsibility of voting or knowing our best interests, but then who can we trust?

    And that's why the people should have full access to guns, even if they're useless.

    And this very same argument can be made regarding encryption. And secret communication can be as deadly as guns, if not worse.

    link to this | view in thread ]

  63. identicon
    Anonymous Coward, 19 Jan 2018 @ 4:51pm

    negligent reporting, or propaganda?

    Cellular baseband has access to system ram (where encryption keys are kept), and is under full control of the network provider- or who ever has fooled the phone into thinking they're the provider (like a stingray for instance...).

    Look it up for christ sakes, don't take my word for it. Then look up Intel IME, AMD PSP, ARM trustzone...

    When you understand how this works (please take the time- it's crucial information that TD seams unwilling to provide for whatever reason)- it's plain to see this is mostly distraction and redirection; whether intentional or not articles like this shape public opinion in ways beneficial to the fbi's goals (creating stupid criminals, and increased access to high lvl intelligence gathering tools originally justified by -for use against- genuine terrorism).

    These articles serve as great advertising for apple/google, (who have likely provided generous gov access in exchange for turning blind eyes regarding Taxes and Anti-trust) while falsely convincing people their devices are secure. It doesn't matter how perfect your encryption is if you device is hopelessly structurally flawed- which describes 99%+ of devices built in the last 5 years. It's like waxing lyrical on how perfect one finger is while ignoring the necrotic hand it's connected to... Fundamentally dishonest or neglegent omission.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.