The Future The FBI Wants: Secure Phones For Criminals, Broken Encryption For Everyone Else
from the safety's-just-another-word-for-nothing-left-to-lose dept
The old truism is in play again with the FBI's renewed CryptoWar: if X is outlawed, only criminals will have X. In this case, it's secure encryption. The FBI may not be trying to get encryption banned, but it does want it weakened. No backdoors, claims FBI director Chris Wray, just holes for the government to use at its pleasure. So, if the FBI gets it way, the only truly secure encryption will be in the hands of criminals… exactly the sort of people the FBI claims it needs weakened encryption to catch.
For years, a slew of shadowy companies have sold so-called encrypted phones, custom BlackBerry or Android devices that sometimes have the camera and microphone removed and only send secure messages through private networks. Several of those firms allegedly cater primarily for criminal organizations.
Now, the FBI has arrested the owner of one of the most established companies, Phantom Secure, as part of a complex law enforcement operation, according to court records and sources familiar with the matter.
Phantom makes phones solely for criminals, unlike Apple or Android manufacturers, who only have a certain percentage of criminals in their userbases. All of these companies may provide the protection of encryption, but only one actively targets a criminal market. Encryption protects everyone, not just criminals, but that fact is usually paved over with subtle-as-10-tons-of-asphalt comments from the FBI director while portraying the FBI as the nation's white knight and cell phone manufacturers as profit-driven sociopaths.
These companies marketing directly to criminals do more to protect data and communications than vanilla smartphones. Remote wipe capability is built in. Often, cameras and microphones are removed, along with GPS software/hardware. It's more security than most people need, but then again, most people aren't cartel members.
The thing is, the FBI director doesn't care if you're law-abiding. He wants your encryption options limited and weakened so the contents can be accessed. This makes your smartphone more susceptible to being accessed by criminals, rather than just G-men. And these criminals accessing your phone will probably have phones the FBI can't even access, even with backdoors or key escrow or easily-cracked encryption. Chris Wray claims this is all about public safety, but he's willing to make the public less safe to gain the access he wants.
While I understand the concern of the inability to access evidence, the fact remains no solution involving compromised encryption will make the public safer. And while I understand the concern, the concern itself is overstated and accompanied by smoke-and-mirrors presentations. The FBI points to stacks of locked phones, but says nothing about the many tools at its disposal: phone-cracking companies, judges, contempt charges, good old fashioned consent requests, or whether all cases involving these phones remain at a standstill. The FBI does not argue in good faith, and the access it wants can only be had by sacrificing the security and safety of law-abiding citizens.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: doj, encryption, fbi, going dark, security
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
What do the major credit card companies think about this?
[ link to this | view in thread ]
Of course this is how they want it. It makes their jobs way easier. They didn't get Al Capone for all the various racketeering and murder, they got him for tax evasion. The FBI regularly doesn't get people for various forms of corruption, but for perjury.
And in this case they want to make it so they don't have to get you for whatever you were doing on your encrypted channel, they can just lock you away for using an encrypted communications channel.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: What do the major credit card companies think about this?
[ link to this | view in thread ]
So basically, you want a backdoor?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
If it's possible, why hasn't the NSA published the mechanism?
If what these people claim is possible, why hasn't the NSA published the mechanism to do it yet?
Secure crypto doesn't rely on secret methods. In fact, just about every crypto which employs a secret methodology has been shown to be insecure.
[ link to this | view in thread ]
What about the First Amendment and Anonymity
[ link to this | view in thread ]
I frankly don't see any other reason for the "what-about-ism" in the second half of the article. It is as irrelevant to the first half of the article as the price of tea in China, and the fact you would combine tow two tells me more about Techdirt's biases than it does about the original story.
But hey, congratulations on successfully using a bot to write an article! That is quite the accomplishment!
[ link to this | view in thread ]
Re: Re:
No, no, no. Just like a secret small opening in a wall that only we can look through.
[ link to this | view in thread ]
Just which criminals were you talking about?
In the end, as now, we will not be able to find out what they are up to, but they will know everything about what we are up to, giving them the ability to charge us with 'made up conspiracies' using things out of context while they will continue to hide their activities via obfuscation, hand waving, and legal contracts that prevent the freedom of information that the law allows us.
[ link to this | view in thread ]
Re: What about the First Amendment and Anonymity
Power?
[ link to this | view in thread ]
Re: What about the First Amendment and Anonymity
The use markdown tick box.
[ link to this | view in thread ]
Re: Re: What about the First Amendment and Anonymity
The “Preview” button.
[ link to this | view in thread ]
Re: What do the major credit card companies think about this?
Do you remember the non-export browsers of the 1990s? To get a secure version of IE (for free), I had to provide an American or Canadian address and promise I wasn't going to export it. Otherwise it was 40-bit encryption. Not many sites could do 128-bits; maybe a few banks.
There's a reason we're calling this Crypto Wars 2.0.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
And then they want of course
everyone to call a duck a horse
[ link to this | view in thread ]
Re: What do the major credit card companies think about this?
[ link to this | view in thread ]
um
your country can get bent for its stupidity and this only leads me ot have less faith in doing any business with any americans....perhaps its good we end nafta and go with mexico ( i am in canada ) and hten we can keep shit to ourselves and our new european trade partners as well as asian TPP partners....
at this rate the only people you will be trading with is your next door neighbor
[ link to this | view in thread ]
The simple fact of the matter is Most will end up with a backdoor into their phones, and the Criminals. Anyone smart enough with a little effort can just install 3rd party encryption software. No backdoors!!! There's not a single thing the U.S. Government could do about it. So the 99% of the Public that are not criminals now have holes in their phone security. Creating a bigger problem with all the fraud that's going to happen and other crimes from the criminals getting into people's devices from holes. The criminals are still protected.
How the F did you fix anything. Besides, other countries will NOT want any U.S. products sold in their country that has a backdoor where the U.S. Government could spy on their citizens!!!! This is one of the biggest reasons it was killed in the past. What may be worse, allowing to be sold, but access to the backdoor themselves so they can spy on their own citizens, and the U.S. Citizens. More and more control of keys getting into the wrong hands.
[ link to this | view in thread ]
Theft
Today, mobile device theft is much less common, because Android and iOS both have built-in secure remote-brick functionality. If my phone is stolen, it becomes a fancy paperweight until I remove the block. This makes "hot" phones much less valuable.
This works because of strong encryption. If a phone can cracked once, the internet makes distribution of the instructions easy to the point where any matching phone can also be cracked. Weakening encryption will bring us back to those early days, when leaving a phone sit idle even for a moment meant saying "Goodbye" to an expensive device.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
How exactly does a phone with no microphone work?
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Ummm, no…
so they twist English into pretzels to call them anything but that. ;]
[ link to this | view in thread ]
Re:
here's another way to look at it. George Washington and Co. wasn't worried so much about breaking the law using coded messages and hidden meetings to plot the overthrow of the Crown in the British Colonies, as much as Overthrowing the Crown in the British Colonies itself. The same goes for criminals, They aren't worried about breaking encryption laws to commit crimes, so much as committing the crime itself.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Just which criminals were you talking about?
Wow, when I started reading your comment, I thought the second sentence was going to read: "There are those criminals who rob and murder and rape and extort other people, etc.. and then there are criminals who aren't cops."
Sadly, still true.
[ link to this | view in thread ]
Re: Re: Re:
Perhaps work on your reading comprehension?
The post has a pretty clear through-line. 1. FBI wants to outlaw encryption to capture more criminals. 2. There are companies that specialize in selling encrypted phones to criminals. 3. If the FBI succeeds in fubar'ing encryption, there criminals will still have encryption and 4. everyone else gets screwed.
I see no "what-about-ism." I see no Twitter style argumentation (other than from your baseless attacks). I'd expect better of you.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: What do the major credit card companies think about this?
https://www.cyberscoop.com/tls-1-3-weakness-financial-industry-ietf/
[ link to this | view in thread ]
The FBI doesn't need to weaken encryption or mandate backdoors to help it catch serious criminals. They already have the resources and technical ability to penetrate the security of targeted criminals - see the Apple case where the feds in the end dropped the case because they 'found' an alternative way into the phone.
What they don't have the resources to do is monitor en-mass the general public or implement minority report-style pre-crime analytics to arrest those who might be about to commit a crime. Until, that is, they manage to mandate their blanket backdoors.
[ link to this | view in thread ]
*Walt Kelly
We the sheeple are the enemy. We get so wrapped up in all the BS flying back and forth between the 2 political parties we forget WE are the ones who put them there. The legislature was never designed to be a public trough for lazy bureaucrats.
If we want to stop all this BS about encryption or anything else the answer is obvious. Vote every incumbent out regardless of party affiliation.
We don't have the govt we want but we have the one we deserve because we can't see any further than OMG that's a Democrat or that's a Republican.
Just go to the damn polls and vote against every bill, and every incumbent.
It's not rocket science people.
[ link to this | view in thread ]
Who is a criminal
So there are (if we accept the definition of criminal depends on viewpoint in the same way that "one mans freedom fighter is another mans terrorist") non criminal (in many peoples view) uses of such technology.
Such tech could be of use to people involved in clandestinely conducting affairs (plenty of adultery goes on, it might be frowned upon but we don't jail people for adultery) as less chance of their partners catching their affair comms.
[ link to this | view in thread ]
Re: If it's possible, why hasn't the NSA published the mechanism?
https://en.wikipedia.org/wiki/Dual_EC_DRBG
[ link to this | view in thread ]
no camera, no microphone, no GPS, no service
Do non-GPS phones even work in the U.S. at all? I thought that 911 required GPS in modern smartphones.
Does "right-to-repair" allow this sort of amputation?
If so, where do I sign up?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: Re:
Now if you'll excuse me, I feel very dirty and thus am heading off to have a shower. ;-)
PS: I had no idea super secure cell phones were being marketed to "criminals", though surely they aren't the only people who buy these things? I definitely like the concept, speaking as someone who always goes the extra mile when it comes to securing my home and all my digital devices. Other than a point and shoot camera (USB only), I do not own anything with a camera or microphone as I've never been able to bring myself to trust devices that have them; doubly so for internet enabled devices. Given everything that has been coming to light this past decade, I was certainly justified in being cautious. Heck, I wouldn't even buy an Xbox One until they'd removed that stupid Kinect thing (Microsoft + NSA's PRISM = A BIG FAT NOPE). So glad they did.
[ link to this | view in thread ]
Re: Re: What do the major credit card companies think about this?
https://www.cyberscoop.com/tls-1-3-approved/
[ link to this | view in thread ]