MCViewPoint

Opinion from a Libertarian ViewPoint

Posts Tagged ‘backdoors’

Justice Department Attempts To Blame Encryption for Terrorist Attack Feds Failed To See Coming – Reason.com

Posted by M. C. on May 21, 2020

That’s the reason why Wray and Barr keep appealing directly to lawmakers (some of whom are sadly too amenable) and aren’t really trying to win over the public. They know full well that encryption backdoors and other security vulnerabilities can and are already used for malicious purposes by criminals and oppressive governments. They don’t care, as long as they get access, too.

https://reason.com/2020/05/19/justice-department-attempts-to-blame-encryption-for-terrorist-attack-feds-failed-to-see-coming/

When a Saudi Arabian man named Mohammed Saeed Alshamrani opened fire at the Naval Air Station in Pensacola, Florida, in December 2019, killing three and injuring eight, the FBI assumed (correctly) it was an act of terrorism.

Alshamrani, who was 21 and a lieutenant in the Royal Saudi Air Force, was at a training program sponsored by the Pentagon in an agreement with Saudi Arabia. A subsequent investigation by both the United States and Saudi Arabia would show that Alshamrani may have been radicalized by Al Qaeda as far back as 2015 and had been tweeting out angry comments against the United States and Israel prior to the attack. That information started coming to light less than a week after the attack, raising questions about whether the American government had done a bad job vetting Alshamrani before letting him into the United States to train.

But Alshamrani also had two iPhones that were locked (which the FBI couldn’t get access to upon his death), so instead of focusing on what intelligence failures allowed for Alshamrani to enter the United States, the Justice Department is instead continuing its attack on encryption. Immediately after the attack, FBI got a warrant to search Alshamrani’s phones andthey approached Apple, asking for help breaking into them. Apple reportedly gave the FBI access to data that the man had stored on his iCloud, but as has been their practice for years now, their encryption system doesn’t give Apple the ability to bypass it and the company would not assist in breaking into the phones.

This has been a sticking point between Apple (and other tech companies) and the Justice Department for years now. Strong encryption is vital to protecting everybody’s data privacy from criminals and any other bad actors with malicious intent (like authoritarian governments and spies). Criminals and terrorists, of course, can also use encryption to prevent their conversations and plans from being detected by police who might stop them. Any tool can be used for good and bad purposes.

This fight is back in the news this week because the Justice Department revealed on Monday that it had finally managed to break into Alshamrani’s phone without Apple’s help. This should be good news, but it’s clear that the FBI and Department of Justice have decided that they’re going to continue using this case to try to attack end-to-end encryption and attempt to force tech companies to install virtual backdoors that allow government officials to bypass security protections.

On Monday, Attorney General William Barr briefly summarized what they’ve learned from Alshamrani’s phone:

  • Alshamrani and his Al Qaeda in the Arabian Peninsula (AQAP) associates communicated using end-to-end encrypted apps, with warrant-proof encryption, deliberately in order to evade law enforcement.
  • Alshamrani’s preparations began years ago. He had been radicalized by 2015, and having connected and associated with AQAP operatives, joined the Royal Saudi Air Force in order to carry out a “special operation.”
  • In the months before the 2019 attack, while in the United States, Alshamrani had specific conversations with overseas AQAP associates about plans and tactics. In fact, he even conferred with his AQAP associates up until the night before the attack.

Note that the first item is obvious, and the second item was actually uncovered early on in the investigation. The third item, intended to serve as a justification for attacking encryption, is more of an indication of an intelligence failure. The press release from the Justice Department makes it clear that Alshamrani was not on the FBI’s radar prior to the attack and there’s no sign they had been trying to get access to his phone data until after the attack. The Justice Department observes in the release, “The phonescontained important, previously-unknown information that definitively established Alshamrani’s significant ties to Al Qaeda in the Arabian Peninsula (AQAP), not only before the attack, but before he even arrived in the United States. The FBI now has a clearer understanding of Alshamrani’s associations and activities in the years, months, and days leading up to the attack.”

So even though the federal government was unsuccessful in noticing Alshamrani’s radicalization that happened four years ago, before he ever came to America, the problem is now that they couldn’t get into his phone after the deed was done.

Both Barr and FBI Director Chris Wray continue to use these edge cases to demand that Congress force companies like Apple to cooperate with the feds and let them bypass encryption.

“If not for our FBI’s ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered,” Barr said in the statement. “The bottom line: our national security cannot remain in the hands of big corporations who put dollars over lawful access and public safety. The time has come for a legislative solution.”

It has been a long-running strategy for the Justice Department to treat Apple’s extremely valuable and important encryption tools as just some marketing gimmick to win over customers.

In a speech yesterday, Barr and Wray continued the assault. Barr said:

Apple’s desire to provide privacy for its customers is understandable, but not at all costs. Under our nation’s long-established constitutional principles, where a court authorizes a search for evidence of a crime, an individual’s privacy interests must yield to the broader needs of public safety. There is no reason why companies like Apple cannot design their consumer products and apps to allow for court-authorized access by law enforcement while maintaining very high standards of data security. Striking this balance should not be left to corporate boardrooms. It is a decision to be made by the American people through their representatives.

Let’s circle back to my observation above that a tool can be used for either good purposes or bad. That’s the Justice Department’s own argument, right? People are using encryption to hide crimes. Except, suddenly, when the Justice Department wants a key to bypass the encryption, suddenly it’s possible to create a tool that can only be used by the “right” people.

That’s not how encryption backdoors work. And as it has reminded us all every time this stupid argument rears its head, Apple responded yesterday with the same message. End-to-end encryption protects us because there aren’t backdoors. Apple responded (via The Verge):

It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor—one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.

Customers count on Apple to keep their information secure and one of the ways in which we do so is by using strong encryption across our devices and servers. We sell the same iPhone everywhere, we don’t store customers’ passcodes and we don’t have the capacity to unlock passcode-protected devices. In data centers, we deploy strong hardware and software security protections to keep information safe and to ensure there are no backdoors into our systems. All of these practices apply equally to our operations in every country in the world.

That’s the reason why Wray and Barr keep appealing directly to lawmakers (some of whom are sadly too amenable) and aren’t really trying to win over the public. They know full well that encryption backdoors and other security vulnerabilities can and are already used for malicious purposes by criminals and oppressive governments. They don’t care, as long as they get access, too.

 

Be seeing you

 

 

Posted in Uncategorized | Tagged: , , , , , , | Leave a Comment »

The Govt. Wants to OUTLAW Encrypted Messaging – The Organic Prepper

Posted by M. C. on July 4, 2019

And…you know… maybe what you’re talking about is nobody else’s business…

https://www.theorganicprepper.com/outlaw-encrypted-messaging/

by Daisy Luther

If you ever use the encrypted messaging options on programs like iMessage, WhatsApp, Signal, Wickr, Telegram, or any other service, your time to discuss things privately over the phone may be running out. The US government doesn’t like for anything to get in the way of their ability to spy on investigate even the most mundane of conversations.

Instead of seeing privacy as a right, they see it as suspicious. Your devices are already being searched at quadruple the previous rate in airports. And the attack on free speech is now going as far as our private messages to our friends and family.

Because the only reason we’d want privacy is that we’re criminals

This was the topic of a National Security meeting last week.

The encryption challenge, which the government calls “going dark,” was the focus of a National Security Council meeting Wednesday morning that included the No. 2 officials from several key agencies, according to three people familiar with the matter.

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography. (source)

So, which government agencies are hot to make encrypted messages illegal?

The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors.”

DHS is internally divided. The Cybersecurity and Infrastructure Security Agency knows the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations. (source)

It looks like the simpler answer is the few who understand there are reasonable, non-criminal uses.

There are plenty of legitimate reasons we might want to encrypt our conversations.

Of course, we know there are dozens of reasons we might want to use the encryption function on our favorite messaging apps. For example, when I was recently traveling in Europe, I needed to give my daughter credit card information to pay a bill for me. I used the encryption function on Telegram to send it because who wants that out there floating around?

Indeed, there are many legitimate reasons to use end-to-end encryption.

A ban on end-to-end-encryption would make it easier for law enforcement and intelligence agents to access suspects’ data. But such a measure would also make it easier for hackers and spies to steal Americans’ private data, by creating loopholes in encryption that are designed for the government but accessible to anyone who reverse-engineers them. Watering down encryption would also endanger people who rely on scrambled communications to hide from stalkers and abusive ex-spouses. (source)

And…you know… maybe what you’re talking about is nobody else’s business… Read the rest of this entry »

Posted in Uncategorized | Tagged: , , , , | Leave a Comment »