White House Floats Idea Of Crypto Backdoor... If The Key Is Broken Into Multiple Pieces

from the crossing-the-threshold dept

It's no secret that some in the law enforcement and intelligence communities are hell bent on stopping encryption from being widely deployed to protect your data. They've made it 100% clear that they want backdoors into any encryption scheme. But when actual security folks press government officials on how they're going to do this without undermining people's own security and privacy, we get a lot of bureaucratic gobbledygook in response. Either that or magical fairy thinking about golden keys that basically any security expert will tell you are impossible without weakening security.

Not surprisingly, the law enforcement and intelligence communities are not giving up yet. The latest is that the White House appears to be floating a proposal to setup a backdoor to encryption that requires multi-party keys. That is, rather than just having a single key that can decrypt the content, it would require multiple parties with "pieces" of the "key" to come together to unlock it:

Recently, the head of the National Security Agency provided a rare hint of what some U.S. officials think might be a technical solution. Why not, said Adm. Michael S. Rogers, require technology companies to create a digital key that could open any smartphone or other locked device to obtain text messages or photos, but divide the key into pieces so that no one person or agency alone could decide to use it?

“I don’t want a back door,” said Rogers, the director of the nation’s top electronic spy agency during a speech at Princeton University, using a tech industry term for covert measures to bypass device security. “I want a front door. And I want the front door to have multiple locks. Big locks.”

Of course, this proposal is nothing new. As Declan McCullagh points out, during the first "Crypto Wars" of the 1990s, the NSA proposed the same sort of thing with two parties holding parts of the escrow key. It was a dumb idea then and it's a dumb idea now.

The idea being floated here is that by setting up such a system, it's less open to abuse by government/law enforcement/intelligence communities. And maybe that's true. It makes it marginally less likely to be abused by the government. But it can still be abused quite a bit. It's not like we haven't seen multiple government agencies team up to do nefarious things in the past, or even federal officials and private companies. Hell, just look at the recent discussions about the DEA's phone records surveillance program, where the DEA later teamed up with the NSA. And, also, that program required the more or less voluntary cooperation of telcos. So the idea that the requirement of multiple parties somehow lessens the risk seems like a stretch.

But, even if it actually did reduce the risk of direct abuse, it doesn't get anywhere near the real problem with this approach. If you're building in a back door, you're building in a vulnerability that others will eventually be able to exploit. You are flat out weakening the system -- whether or not you split up the key. You're still exposing the data to those with nefarious intent by weakening the overall system.

Thankfully, at least some in the government seem to recognize this:

“The basic question is, is it possible to design a completely secure system” to hold a master key available to the U.S. government but not adversaries, said Donna Dodson, chief cybersecurity advisor at the Commerce Department’s National Institute of Standards and Technologies. “There’s no way to do this where you don’t have unintentional vulnerabilities.”

So, now the questions is if the White House will actually listen to the cybersecurity experts at NIST -- or the people who want to undermine cybersecurity at the NSA and the FBI?

Filed Under: backdoors, crypto, cryptowars, encryption, key escrow, mobile encryption, multiple piece, nist, nsa, threshold

FBI Quietly Removes Recommendation To Encrypt Your Phone... As FBI Director Warns How Encryption Will Lead To Tears

from the keeping-you-safe...-or-keeping-you-vulnerable dept

Back in October, we highlighted the contradiction of FBI Director James Comey raging against encryption and demanding backdoors, while at the very same time the FBI's own website was suggesting mobile encryption as a way to stay safe. Sometime after that post went online, all of the information on that page about staying safe magically disappeared, though thankfully I screenshotted it at the time: If you really want, you can still see that information over at the Internet Archive or in a separate press release the FBI apparently didn't track down and memory hole yet. Still, it's no surprise that the FBI quietly deleted that original page recommending that you encrypt your phones "to protect the user's personal data," because the big boss man is going around spreading a bunch of scare stories about how we're all going to be dead or crying if people actually encrypted their phones:

Calling the use of encrypted phones and computers a “huge problem” and an affront to the “rule of law,” Comey, painted an apocalyptic picture of the world if the communications technology isn’t banned.

“We’re drifting to a place where a whole lot of people are going to look at us with tears in their eyes,” he told the House Appropriations Committee, describing a hypothetical in which a kidnapped young girl’s phone is discovered but can’t be unlocked.

So, until recently, the FBI was actively recommending you encrypt your data to protect your safety -- and yet, today it's "an affront to the rule of law." Is this guy serious?

More directly, this should raise serious questions about what Comey thinks his role is at the FBI (or the FBI's role is for the country)? Is it to keep Americans safe -- or is it to undermine their privacy and security just so it can spy on everyone?

Not surprisingly, Comey pulls out the trifecta of FUD in trying to explain why it needs to spy on everyone: pedophiles, kidnappers and drug dealers:

“Tech execs say privacy should be the paramount virtue,” Comey continued, “When I hear that I close my eyes and say try to image what the world looks like where pedophiles can’t be seen, kidnapper can’t be seen, drug dealers can’t be seen.”

Except we know exactly what that looks like -- because that's the world we've basically always lived with. And yet, law enforcement folks like the FBI and various police departments were able to use basic detective work to track down criminals.

If you want to understand just how ridiculous Comey's arguments are, simply replace his desire for unencrypted devices with video cameras in every corner of your home that stream directly into the FBI. Same thing. Would that make it easier for the FBI to solve some crimes? Undoubtedly. Would it be a massive violation of privacy and put many more people at risk? Absolutely.

It's as if Comey has absolutely no concept of a cost-benefit analysis. All "bad people" must be stopped, even if it means destroying all of our freedoms, based on what he has to say. That's insane -- and raises serious questions about his competence to lead a government agency charged with protecting the Constitution.

Filed Under: doj, encryption, fbi, james comey, mobile encryption, privacy, security

Disappointing: Google Not Yet Requiring Phone Makers To Encrypt By Default

from the get-things-up-to-speed dept

Well, this is disappointing. Back in September, we were happy to see both Apple and Google announced that their mobile platforms would be encrypted by default (for local storage, not for data transmissions), which has kicked off something of a new round of Crypto Wars, as law enforcement types have shoved each other aside to spread as much possible FUD about the "dangers" of mobile encryption (ignoring that they also recommend mobile encryption to keep your data safe).

However, as Ars Technica reported earlier this week, it appears that while Google is encrypting by default on its own Nexus phones that have the latest Android (Lollipop), it slightly eased back the requirements for its OEM partners such as Motorola and Samsung who make their own devices. Default encryption is now "very strongly RECOMMENDED" rather than required. And even with that "very strong RECOMMENDATION," it appears that neither Samsung or Motorola are enabling default encryption on its latest devices.

While some will likely jump to the conclusion that law enforcement pressure is at work here, a much more likely explanation is just the performance drag created by encryption. Last fall, Anandtech did some benchmarking of the Nexus 6 both with encryption on and off, and as the site itself says, the results are "not pretty." Given the competitive market, there's a decent chance that the big phone manufacturers didn't want to get bad benchmark ratings when phones are compared, and those made the decision to go against the "very strong recommendation."

Hopefully this gets sorted out quickly, as phonemakers can optimize new phones for encryption. And, honestly, as the Anandtech report itself notes, these benchmarks are basically meaningless for real world performance:

The real question we have to ask is whether or not any of these storage benchmarks really matter on a mobile device. After all, the number of intensive storage I/O operations being done on smartphones and tablets is still relatively low, and some of the situations where NAND slowdowns are really going to have an effect can be offset by holding things in memory.

But, it appears, while mobile phone makers don't want to take the chance of bad benchmarks hurting their reputation, they're less concerned about leaving consumers' data exposed.

It's disappointing that this is where things are today, after so much focus on default encryption just a few months ago, but hopefully it's just a temporary situation and we'll get to default encryption very, very soon.

Filed Under: android, benchmarks, encryption, mobile encryption, oems, privacy
Companies: google, motorola, samsung

NSA Director: If I Say 'Legal Framework' Enough, Will It Convince You Security People To Shut Up About Our Plan To Backdoor Encryption?

from the wanna-try-that-again dept

Admiral Mike Rogers, the NSA Director, has barely been on the job for a year, and so far he'd mostly avoided making the same kinds of absolutely ridiculous statements that his predecessor General Keith Alexander was known for. Rogers had, at the very least, appeared slightly more thoughtful in his discussions about the surveillance state and his own role in it. However, Rogers ran into a bit of trouble at New America's big cybersecurity event on Monday -- in that there were actual cybersecurity folks in the audience and they weren't accepting any of Rogers' bullshit answers. The most notable exchange was clearly between Rogers and Alex Stamos, Yahoo's chief security officer, and a well known privacy/cybersecurity advocate.

Alex Stamos (AS): “Thank you, Admiral. My name is Alex Stamos, I’m the CISO for Yahoo!. … So it sounds like you agree with Director Comey that we should be building defects into the encryption in our products so that the US government can decrypt…

Mike Rogers (MR): That would be your characterization. [laughing]

AS: No, I think Bruce Schneier and Ed Felton and all of the best public cryptographers in the world would agree that you can’t really build backdoors in crypto. That it’s like drilling a hole in the windshield.

MR: I’ve got a lot of world-class cryptographers at the National Security Agency.

AS: I’ve talked to some of those folks and some of them agree too, but…

MR: Oh, we agree that we don’t accept each others’ premise. [laughing]

AS: We’ll agree to disagree on that. So, if we’re going to build defects/backdoors or golden master keys for the US government, do you believe we should do so — we have about 1.3 billion users around the world — should we do for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government? Which of those countries should we give backdoors to?

MR: So, I’m not gonna… I mean, the way you framed the question isn’t designed to elicit a response.

AS: Well, do you believe we should build backdoors for other countries?

MR: My position is — hey look, I think that we’re lying that this isn’t technically feasible. Now, it needs to be done within a framework. I’m the first to acknowledge that. You don’t want the FBI and you don’t want the NSA unilaterally deciding, so, what are we going to access and what are we not going to access? That shouldn’t be for us. I just believe that this is achievable. We’ll have to work our way through it. And I’m the first to acknowledge there are international implications. I think we can work our way through this.

AS: So you do believe then, that we should build those for other countries if they pass laws?

MR: I think we can work our way through this.

AS: I’m sure the Chinese and Russians are going to have the same opinion.

MR: I said I think we can work through this.

AS: Okay, nice to meet you. Thanks.

[laughter]

MR: Thank you for asking the question. I mean, there are going to be some areas where we’re going to have different perspectives. That doesn’t bother me at all. One of the reasons why, quite frankly, I believe in doing things like this is that when I do that, I say, “Look, there are no restrictions on questions. You can ask me anything.” Because we have got to be willing as a nation to have a dialogue. This simplistic characterization of one-side-is-good and one-side-is-bad is a terrible place for us to be as a nation. We have got to come to grips with some really hard, fundamental questions. I’m watching risk and threat do this, while trust has done that. No matter what your view on the issue is, or issues, my only counter would be that that’s a terrible place for us to be as a country. We’ve got to figure out how we’re going to change that.

[Moderator Jim Sciutto]: For the less technologically knowledgeable, which would describe only me in this room today, just so we’re clear: You’re saying it’s your position that in encryption programs, there should be a backdoor to allow, within a legal framework approved by the Congress or some civilian body, the ability to go in a backdoor?

MR: So “backdoor” is not the context I would use. When I hear the phrase “backdoor,” I think, “well, this is kind of shady. Why would you want to go in the backdoor? It would be very public.” Again, my view is: We can create a legal framework for how we do this. It isn’t something we have to hide, per se. You don’t want us unilaterally making that decision, but I think we can do this.

As you read it, you realize that Rogers keeps thinking that if he says "legal framework" enough times, he can pretend he's not really talking about undermining encryption entirely. Well known cybersecurity guy Bruce Schneier pushed back, pointing out that:

It’s not the legal framework that’s hard, it’s the technical framework. That’s why it’s all or nothing.

No matter what anyone said, however, Rogers appears to keep going back to the "legal framework" well, over and over again, as if that magic phrase would change magical thinking into reality:

“If these are the paths that criminals, foreign actors, terrorist are going to use to communicate, how do we access that?” he asked, citing the need for a “formalized process” to break through encrypted technology.

Rogers pointed toward cooperation between tech companies and law enforcement to combat child pornography. “We have shown in other areas that through both technology, a legal framework, and social compact that we have been able to take on tough issues. I think we can do the same thing here.”

Yes, but that's very different, even as anyone looking to rip apart important privacy and free speech tools loves to shout "child porn," the examples are not even remotely comparable. And no one's looking to backdoor everything just to get at people passing around child porn. But the larger point stands. Rogers seems to think that there is a magic bullet/golden key that will magically only let the good guys through if only the tech industry is willing to work with him on this.

“You don’t want the FBI and you don’t want the NSA unilaterally deciding what” is permissible, Mr. Rogers said.

Except that presumes that if only the surveillance community and the tech industry got together they could come up with such a safe system, and as everyone else is telling him, that's impossible. And for a guy who is supposed to be running an agency that understand cryptography better than anyone else, that's really troubling:

Filed Under: admiral mike rogers, alex stamos, bruce schneier, encryption, fbi, legal framework, mobile encryption, nsa, privacy, security

NSA's Stealing Keys To Mobile Phone Encryption Shows Why Mandatory Backdoors To Encryption Is A Horrible Idea

from the let's-end-this-now dept

Over the last few months, ever since both Apple and Google announced plans to encrypt data on iOS and Android devices by default, there's been a ridiculous amount of hand-wringing from the law enforcement community about requiring backdoors, golden keys and magic fairy dust that will allow law enforcement to decrypt the information on your phone... or children will die, even though they actually won't.

And, of course, yesterday, the Intercept had its big story about how the NSA (with an assist from GCHQ) hacked its way to get access to the encryption keys used on SIM cards on basically all the mobile phones out there, giving those intelligence agencies easy (warrant-free!) access to conversations that most people thought had at least some encryption. These two stories may not seem to be directly connected (we're talking about different kinds of encryption for different things), but in writing about the SIM card story, Julian Sanchez at Cato makes a really good point about why the Gemalto hack underscores why backdoors are a horrendously bad idea: they create a central point of attack to undermine all the security that people rely on.

Finally, this is one more demonstration that proposals to require telecommunications providers and device manufacturers to build law enforcement backdoors in their products are a terrible, terrible idea. As security experts have rightly insisted all along, requiring companies to keep a repository of keys to unlock those backdoors makes the key repository itself a prime target for the most sophisticated attackers—like NSA and GCHQ. It would be both arrogant and foolhardy in the extreme to suppose that only “good” attackers will be successful in these efforts. 

It would be nice to see that the revelation of the NSA undermining one use of encryption led people to realize the stupidity of undermining other forms of encryption, but somehow, it seems likely that our law enforcement community won't quite comprehend that message.

Filed Under: gchq, mandatory backdoors, mobile encryption, nsa, phone sims, repository, surveillance, target
Companies: apple, gemalto, google

Apple CEO Tim Cook Makes It Clear That He's Not At All Interested In Giving The Government Backdoors To iOS Encryption

from the good-for-him dept

On Friday morning, we noted that the CEOs of Google, Facebook and Yahoo had declined to appear at the President's cybersecurity summit at Stanford, but that Apple CEO Tim Cook was going. However, we pointed out that all signs suggested Cook was going to send a message that he wasn't going to give in and allow the government a backdoor to iOS encryption. Cook had recently noted that the government "would have to cart us out in a box" before Apple would add a backdoor. And, indeed, speaking right before President Obama's speech, Cook delivered a strong defense of encryption and privacy:

“We believe deeply that everyone has a right to privacy and security,” said Cook. “So much of our information now is digital: photos, medical information, financial transactions, our most private conversations. It comes with great benefits; it makes our lives better, easier and healthier. But at Apple, we have always known this also comes with a great responsibility. Hackers are doing everything they can to steal your data, so we’re using every tool at our disposal to build the most secure devices that we can.”

[....]

“People have trusted us with their most personal and private information and we must give them the best technology we can to secure it,” said Cook. “Sacrificing our right to privacy can have dire consequences. We live in a world where people are not treated equally. There are people who don’t feel free to practice their religion, express their opinion or love who they choose. Technology can mean the difference between life and death.”

[....]

“If we don’t do everything we can to protect privacy, we risk more than money,” said Cook. “We risk our way of life.”

It's great to see tech companies taking a stronger and stronger stand in protecting the privacy of their users and customers. Once again, thank Snowden for actually making this an issue that companies actually need to care about.

Filed Under: backdoors, cybersecurity, encryption, ios, mobile encryption, privacy, tim cook

President Obama: I'm A Big Believer In Strong Encryption... But...

from the let's-drop-the-but-part dept

Last Friday, at the White House's Cybersecurity Summit at Stanford, reporter Kara Swisher sat down for a half-hour interview with President Obama (and she even dragged her famous red chairs along). It's a better, more in-depth interview than you're ever likely to see from the established mainstream press, and touches on a variety of issues regarding technology and security. While I don't agree with some of the answers, I will say that the President appears to be extremely well-briefed on these issues, and didn't make any totally ridiculous or glaringly misleading remarks. You can see the whole interview here: In it, he admits that the "Snowden disclosures" (as he calls them) hurt "trust" between DC and the tech industry, and admits that the government has been "a little slow" in updating the laws for how the NSA operates online. However, he does say that surveillance on US persons is very carefully controlled and that he can say "with almost complete certainty that there haven't been abuses on US soil." He admits that's not entirely the case overseas, where there are basically no limits on the NSA's surveillance, and he recognizes that needs to change. Of course, if that's the case, he can do that right now -- because the NSA's authority for all of that is an executive order, 12333, and he could revoke it and write a new one. But he hasn't.

Then he gets to the area I found most interesting and want to focus on, the question of encryption. After discussing how he's looking to update the rules for surveillance and his relationship with tech, the interview proceeds like this:

Obama: There's still some issues like encryption...

Swisher: Let's talk about encryption.

Obama: ... that are challenging, and that's something that's been brought up...

Swisher: What's wrong with what Google and Apple are doing? You have encrypted email.

Obama: Absolutely.

Swisher: Shouldn't everybody have encrypted email and have their protections?

Obama: Everybody should. And I'm a strong believer in strong encryption. Where the tension has come up, is historically what's happened is that... let's say you knew a particular person was involved in a terrorist plot, and the FBI is trying to figure out who else are they trying to communicate with to prevent the plot. Traditionally, what's been able to happen is they get a court order, the FBI goes to the company, they request those records, the same way they'd go get a court order to request a wiretap. The company technically can comply.

The issue here is, partly in response to consumer demand, partly in response to legitimate concerns about consumer privacy, the technologies may be built to a point where, when the government goes...

Swisher: They can't get the information.

Obama: ... the company says "sorry, we just can't pull it. It's so sealed and tight that even though the government has a legitimate request, technologically we cannot do it."

Swisher: Is what they're doing wrong?

Obama: No. I think they are properly responding to a market demand. All of us are really concerned about making sure our...

Swisher: So what are you going to do?

Obama: Well, what we're going to try to do is see if there's a way for us to narrow this gap. Ultimately, everybody -- and certainly this is true for me and my family -- we all want to know if we're using a smartphone for transactions, sending messages, having private conversations, we don't have a bunch of people compromising that process. There's no scenario in which we don't want really strong encryption.

The narrow question is going to be: if there is a proper request for -- this isn't bulk collection, this isn't fishing expeditions by government -- where there's a situation in which we're trying to get a specific case of a possible national security threat, is there a way of accessing it? If it turns out there's not, then we're really going to have to have a public debate. And, I think some in Silicon Valley would make the argument -- which is a fair argument, and I get -- that the harms done by having any kind of compromised encryption are far greater than...

Swisher: That's an argument you used to make, you would have made. Has something changed?

Obama: No, I still make it. It's just that I'm sympathetic to law enforcement...

Swisher: Why? What happened? Because you were much stronger on...

Obama: No, I'm as strong as I have been. I think the only concern is... our law enforcement is expected to stop every plot. Every attack. Any bomb on a plane. The first time that attack takes place, where it turns out we had a lead and couldn't follow up on it, the public's going to demand answers. This is a public conversation that we should be having. I lean probably further in the direction of strong encryption than some do inside law enforcement. But I am sympathetic to law enforcement, because I know the kind of pressure they're under to keep us safe. And it's not as black and white as it's sometimes portrayed. Now, in fairness, I think those in favor of air tight encryption also want to be protected from terrorists.

Swisher: True.

Obama: One of the interesting things about being in this job, is that it does give you a bird's eye view. You are smack dab in the middle of these tensions that exist. But, there are times where folks who see this through a civil liberties or privacy lens reject that there's any tradeoffs involved. And, in fact, there are. And you've got to own the fact that it may be that we want to value privacy and civil liberties far more than we do the safety issues. But we can't pretend that there are no tradeoffs whatsoever.

I actually think this is a very good, nuanced answer to this issue. It doesn't descend into hyperbole about child predators and ticking time bombs like law enforcement officials have done. He admits that there are tradeoffs and, at least publicly, seems to be willing to admit that stronger encryption without compromise might be the best solution.

Of course, where we're left with questions is about his requested "public debate." Where and how is that happening? Because, to date, the only noise on this issue coming out of his administration has been on the other side, pushing for new legislation that would require backdoors and compromise encryption. We haven't seen anyone in the administration presenting the other side at all. And, for those of us who strongly believe that a basic cost/benefit analysis of weakening encryption vs. letting law enforcement do their job through traditional detective work would show that the "costs" of weakened encryption vastly outweigh the "threats" of criminals getting away with stuff, it would be nice to see the government at least recognizing that as well.

President Obama chides civil liberties and privacy folks for not getting that there are tradeoffs here, and I don't think that's accurate. Most do recognize the tradeoffs. It's just that they believe the true benefit in terms of "stopping criminals" to weakening encryption is not very great, while the cost to everyone in risking their own privacy is massive. What we have not seen is any indication that law enforcement recognizes that there are tradeoffs, or that they care. Yes, as the President admits, they're weighing some of this against "not getting blamed" when an inevitable "bad event" happens -- but they don't seem to be willing to recognize, at all, the risks to everyone's privacy. That's why they keep talking about golden keys and magic wizards who can make special encryption that only good guys can use.

So I'm glad that the President at least seems to recognize this is a nuanced issue with tradeoffs, but I wish that others in his administration, especially from the law enforcement side, were willing to recognize that as well.

Filed Under: barack obama, cybersecurity, encryption, kara swisher, law enforcement, mobile encryption, national security, president obama, privacy, security, surveillance

Nobody Saw This Coming: Now China Too Wants Company Encryption Keys And Backdoors In Hardware And Software

from the zone-of-lawlessness dept

A concerted campaign among officials on both sides of the Atlantic to attack strong encryption has intensified in the wake of the Charlie Hebdo killings. Most recently, we've had a leak of a document in which the EU's "Counter-Terrorism Co-ordinator" recommended that Internet companies should be forced to hand over their crypto keys; and now Leslie Caldwell, an assistant attorney general at the US Justice Department, is reported by Vice.com to have made the following comment:

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we’re prohibited from getting because of a company’s technological choices."

She said that she hopes Apple and Google will consider building in back doors that will allow the companies to decrypt the phones if they are physically mailed back to the manufacturer.

As Techdirt has noted before, this narrative plays right into the hands of repressive governments around the world, which can simply point to the West's argument, and say: "We agree." So it will not come as a huge surprise to readers of this site to learn that when it comes to demanding encryption keys and backdoors from computer companies, China now agrees:

The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars' worth of business in China.

The New York Times article quoted above gives more details, drawing on a chart that lays out the new requirements for companies wishing to sell equipment to the Chinese banking sector:

For most computing and networking equipment, the chart says, source code must be turned over to Chinese officials. But many foreign companies would be unwilling to disclose code because of concerns about intellectual property, security and, in some cases, United States export law.

The chart also calls for companies that want to sell to banks to set up research and development centers in China, obtain permits for workers servicing technology equipment and build "ports" to allow Chinese officials to manage and monitor data processed by their hardware.

The draft antiterrorism law pushes even further, calling for companies to store all data related to Chinese users on servers in China, create methods for monitoring content for terror threats and provide keys to encryption to public security authorities.

Although there is a clear protectionist element to many of these, as well as a desire to take a look at Western source code, the boldest demands -- those for backdoors and encryption keys -- are identical to what the US and EU are implicitly calling for. And so, once again, there is no way for the West to claim the moral high ground here, which inevitably undermines any protestations it might make about China's decision to follow its example.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: backdoors, china, encryption, mobile encryption, surveillance

EU's 'Counter-Terrorism Co-ordinator' Finally Says It: Force Internet Companies To Hand Over Their Crypto Keys

from the just-a-fig-leaf dept

Although calls to ban or backdoor encryption have been made in the past, David Cameron's rather vague threats against crypto clearly mark the start of a new, concerted campaign to weaken online privacy. Thanks to a leaked paper, written by the EU Counter-Terrorism Co-ordinator and obtained by Statewatch, we now have a clear statement of what the European authorities really want here (pdf):

Since the Snowden revelations, internet and telecommunications companies have started to use often de-centralized encryption which increasingly makes lawful interception by the relevant national authorities technically difficult or even impossible. The Commission should be invited to explore rules obliging internet and telecommunications companies operating in the EU to provide under certain conditions as set out in the relevant national laws and in full compliance with fundamental rights access of the relevant national authorities to communications (i.e. share encryption keys).

The set-phrase "in full compliance with fundamental rights" is just a fig leaf: there is no real intention of complying with basic rights here. That this is a just a cynical exploitation of people's concerns in the wake of recent events is shown by the following paragraph from the beginning of the document:

Europe is facing an unprecedented, diverse and serious terrorist threat. The horrific attacks that took place in Paris between 7 and 9 January 2015 were followed by an unprecedented show of unity by millions of citizens in France and across Europe as well as a show of solidarity and political will by many EU and world leaders. In addition to action from the national governments, citizens are looking to the European Union to provide an ambitious response. Core European values have been attacked, in particular freedom of speech. The EU has to respond with meaningful action. Failure to do so could result in disillusionment of citizens with the EU.

Yes, the millions of European citizens who joined marches in support of liberty and freedom of speech would be bitterly disappointed if the EU didn't react by undermining those self-same core values. Nor is the idea to weaken all encryption in Europe the only deeply troubling proposal in the document. Here's another one:

Consideration should be given to a role for Europol in either flagging or facilitating the flagging of content which breaches the platforms’ own terms and conditions. These often go further than national legislation and can therefore help to reduce the amount of radicalising material available online.’ In this context, Europol's Check the Web project could be beefed up to allow for monitoring and analysis of social media communication on the internet.

That's a really great idea: get Europe's main law enforcement agency, Europol, spending its valuable time checking out if Internet users are breaching Facebook's terms and conditions, and generally spying on social networks. After all, that's much more important than doing other things like, oh, I don't know, actually trying to catch murderers and criminals....

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: backdoors, encryption, eu, mobile encryption, privacy

Did David Cameron Just Say He Wants To Undermine All Encryption In The UK?

from the not-thinking-it-through dept

Techdirt has recently reported on New York's top prosecutor calling for laws against strong encryption on smartphones. This is part of a larger move by the authorities on both sides of the Atlantic to demonize this technology, as we noted before. In the wake of the murders in Paris, many of the same politicians and officials have lost no time in calling for more surveillance, again in both the US and Europe. One of those doing so is David Cameron, who said that, if re-elected in the UK general election in May, he would bring in an even more intrusive version of the Snooper's Charter -- one that sought access not just to everyone's metadata, but to the content of their messages too. This is how he phrased it:

The question is are we going to allow a means of communications which it simply isn’t possible to read. My answer to that question is: no, we must not.

Leaving aside the fact that Cameron seems to be saying that he wishes to make privacy impossible and/or illegal in the UK, one key question here is: how does he intend to do this? Neither the UK government nor the Conservative party offered any clarification about this election "promise," which has inevitably led to speculation. For example, The Independent newspaper wrote as follows:

David Cameron could block WhatsApp and Snapchat if he wins the next election, as part of his plans for new surveillance powers announced in the wake of the shootings in Paris.

The Prime Minister said today that he would stop the use of methods of communication that cannot be read by the security services even if they have a warrant. But that could include popular chat and social apps that encrypt their data, such as WhatsApp.

Apple's iMessage and FaceTime also encrypt their data, and could fall under the ban along with other encrypted chat apps like Telegram.

None of those programs was mentioned by Cameron in his speech. But many other news outlets have taken that speculation and reported it as if it were certain; others have interpreted his comments to mean that Cameron aims to ban or perhaps backdoor all strong encryption. It's quite possible that Cameron and his advisers have not thought this through, and simply assume there must be some clever way to give access to the content of encrypted services without undermining them. But as Techdirt has emphasized before, there is no "golden key" that can be used by just the authorities and no one else.

UK services and users can be forced by the Regulation of Investigatory Powers Act (RIPA) to hand over whatever encryption keys they have. Most of the main online services come from US-based companies; some may choose to comply with UK warrants, but others probably won't. And then there is the extremely important class of open source encryption programs -- things like GnuPGP, OpenVPN and Tor: these don't always have companies that can be threatened with legal consequences. So what would Cameron do about those? Make their use illegal for all UK citizens? Even the increasingly-common HTTPS for general web servers is problematic: if they are located outside the UK, there is no way to force them to hand over their keys. So will Cameron forbid people from visiting millions of websites, just in case they allow some form of communication that can't be monitored?

Clearly, trying to implement this scheme will cause huge damage to the British public and to UK businesses, who will be more vulnerable to online attacks. It will also harm the UK economy, since startups with digital products or services will find users in other countries unwilling to use products that have been forced to insert backdoors for the UK intelligence services. And it will further harm the UK's already battered reputation as a civilized country, since Cameron's call to abolish all online privacy goes beyond even the worst oppressive regime (China must be delighted by his speech.)

However, there is a small consolation to be drawn from this extraordinarily stupid and dangerous call by Cameron. The fact that something so controversial is being proposed at all confirms one of the most important points made by Snowden: encryption works.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: backdoors, communications, david cameron, encryption, end-to-end encryption, mobile encryption, privacy, surveillance, uk