FBI should not be believed RE: encryption

Do not believe FBI (including Chris Wray) when they call for intentional weakening or banning of certain cryptographic algorithms/technologies. They claim it hinders their ability to do their job, which is simply untrue. It has always been easier to attack the end-point (or human) than to defeat encryption (even ###tty encryption). What they're looking to do is to weaken privacy, reduce our security and make accessing our private data (likely for bulk/mass purposes) even easier.

Yes, Trump may be trustworthy (to some of us) but he won't be POTUS forever. Unless you believe no future government/POTUS would abuse even more invasive surveillance technology, I highly urge you to oppose this with fervor. I'd personally rather see hundreds of "terror attacks" per day than risk IT SEC. Imposing more BS on US citizens is never the answer. Either shut the borders down, learn how to do your jobs properly (ie: spy on foreign enemies instead of US citizens/political candidates) or accept the fact you won't be able to stop them all. It is a fact of life, and frankly is too bad.

Furthermore, banning certain cryptographic technology would only affect US citizens. It has no impact over-seas (where certain exports are already prohibited - which has failed to stymie strong cryptography). The technology exists and is ubiquitous. Simply put, the security of the Internet and all technology relies on strong cryptography. If the FBI can access a backdoor, anyone can access a backdoor.

Do we really want to trust an agency that can't keep its own house in order with our IT security? How about an agency that can't keep its rogue employees in line? Or its moles, political prostitutes and defectors?

No thanks. Moving forward, anything that doesn't reduce the impact of these bad-actors is not acceptable.

www.foxnews.com...

No thank you, Mr. Wrey. Anyone not presently securing their lives with strong encryption is asking for trouble in a digital world. From your telephone/SMS to your emails, Internet traffic and even handwritten notes - cryptographic technology exists to help you protect yourself from unauthorized intrusion (intrusion authorized explicitly by you).

With encryption, you always retain a veto against unlawful theft of your private data. After all, one can easily "merely forget" a complex key.

Besides, I'm not entirely convinced there is any real threat from "terrorism" anyhow. The events of 9/11 make little logical sense to me (2 planes, 3 towers; Only 3 towers ever collapsed from fire: WTC 1, 2, 7 on 9/11 in NYC), and all 1st amendment chilling, privacy intruding, 4th/5th amendment violating nonsense is based on that singular event. Even if that kick-starter event did happen exactly as they said, there is still a tiny risk of death from terrorism. It kills far less per year globally than things like auto accidents, violent crimes, cancer, heart disease, etc.

His colleagues aren't too happy about his statement and are demanding to know who told him this was possible or desirable.

gizmodo.com...

a reply to: Templeton

Great to see!

Idiots like Wray have little clue how the tech actually works. Like the Comey vs. Apple showdown a few years back, when the FBI "conveniently forgot" they could simply image the iPhone and attack the images (to avoid the lockout counter)

I truly do not understand why any person still voluntarily submits to bulk collection. The technology exists and is fairly cheap, and really makes them go the extra mile to collect your private data.

The worn-out "if you have nothing to hide" mantra doesn't fly with me.
I say: "I have nothing to hide, so you have no reason to look"

a reply to: JBurns

It's pretty moronic to try to purposely break encryption. But plan B will probably be just as bad like mandatory software that sends a screenshot, images from all cameras, and 5 seconds audio back to hq every 5 minutes. It's okay though, they would need a fisa warrant to view it.

a reply to: JBurns

I think you are absolutely right on this issue, and right to call out the person who made the clearly fallacious statement.

I think the FBI and other elements of the intelligence and law enforcement infrastructure in the US, not to mention my own country, are in a rather tough spot at the moment. Those who have signed on to serve in those roles with the right ideas on board about what their service ought to mean, and whose service they believe themselves to be in, would not agree with his statements in the slightest. They know that in the eyes of the people, their purpose is supposed to be the protection of the rights, freedoms, liberty and lives of the people of the nation they are sworn to serve. They know that in order to do that, they must be vigilant against any attempt by agency foreign or domestic, to assail those rights, freedoms, that liberty and the lives of those people. They also know that with more people protecting themselves with cryptographic techniques, the elements of intelligence and law enforcement work which are legitimate in their method of operation, and their aims, are easier to perform on the part of the services performing them, not harder. This is because no legitimate organisation whose purpose is the protection of the aforementioned things, wants or needs access to private data without a warrant or the knowledge of the owner of that information. They know that simple police work is more effective than mass surveillance, against all manner of crimes, including but in no way limited to organised crime and terrorism.

However, the people running the systems that people object to so strongly that they would go to the inconvenience of protecting their data (and lets face it, for all but the most tech savvy, it IS very inconvenient indeed to even think about these matters, leave alone actually learn the ropes of protecting ones data from scratch), the people running these programs which violate privacy, which amount to unreasonable search and seizure, which skirt the need for probable cause or acceptable cause for a warrant to be issued, know that if people protect themselves, their REAL job becomes harder. There are, for the purposes of this discussion, those who know what their jobs REALLY are, who want to be able to access everything, at any time, and those who do not know what their real purpose as operatives of the state are, who disagree with the access everything mentality.

Of those two, only one group has any business being part of a protectorate system, whose purpose is the defence of the people. The other ought to be thrown in irons, beaten with metal bars and thrown into a septic pit.

Unfortunately, it seems as if the fellow whose comments have spawned this thread, is of the latter sort, rather than the former.

Make no bones about it, people of his ilk, who wish to penetrate the lives of innocent people for material gain, under the guise of protecting the public, are of the lowest moral construction, and ought not be given clearance to operate under any official capacity. It is simply wrong that any of the systems they use to do these things even EXIST, leave alone get actually used.

I often wonder what it would take, for the intelligence agencies to stop using these tools they have been developing at all. Would a mere protest of any scale be good enough, or would it literally take a civil war breaking out, and the destruction of the system itself and the arrest and immediate incarceration of any person known to have the blueprints for it within their brains, so that it were never able to be built again?

Either way, it is well past time that these agency morons in the FBI and beyond, accepted that their employment as data collectors for the purpose of violating the rights of citizens, and for the purpose of selling data to third parties too, is illegitimate, that their way of life is illegitimate, that the things they allege to fight for, are not the things they are actually in service of. It is, in short, time these people were forced to re-evaluate the meaning of the things they do and the reasons they do them.

This very topic is why I keep telling you to stop worshipping Nunes, Gowdy and the hundreds of other republicans who consistently votell for more surveillance and bulk collection.

It's also why I don't trust theme at all..

a reply to: Templeton

Templeton, can you see certain wavelength LEDs "accessorized" clothing becoming popular?

a reply to: luthier

They are trapped in this false paradigm where NOT supporting these programs somehow equates to being seen as "not being tough on XX" For instance, the recent 702 re-authorization was a giant mistake (certain people should've listened to their constituents who don't want these impotent programs), and I hope the abuse revelations will somehow mitigate this danger.

The thing is, it is OK to be against these things when they've turned into tools of tyranny. Some of the law makers have missed the point of a Constitutional Democratic-Republic. Towing a specific line (ie: spying tools are always good, government surveillance is patriotic, etc)

I recommend individuals read the DOI, Constitution, BOR, etc if they are interested in learning what "patriotism" and "nationalism" truly is.

a reply to: JBurns

Scary. No unplugging then. The satellites will find you. Wifi and sound are more efficient for now but they require a network and proximity. I could imagine special lidar ink tattoos. You get to pick, forehead or right hand.

a reply to: JBurns

Well, I don't really care what their pandering reasons are. Though I assume it's more based on greed, lobby power, and a lack of moral willpower than anything.

Again. My man Rand, and Amash get elected and they didn't vote for it. Maybe the status quo losers should try some backbone.

a reply to: JBurns

FBI should not be trusted is right...

a reply to: Templeton

On this the Senator and I are in complete agreement.

Wyden ripped into Wray’s speech:
Your stated position parrots the same debunked arguments espoused by your predecessors, all of whom ignored the widespread and vocal consensus of cryptographers.
For years, these experts have repeatedly stated that what you are asking for is not, in fact, possible. Building secure software is extremely difficult, and vulnerabilities are often introduced inadvertently in the design process. Eliminating these vulnerabilities is a mammoth task, and experts are unified in their opinion that introducing deliberate vulnerabilities would likely create catastrophic unintended consequences that could debilitate software functionality and security entirely.

a reply to: intrptr


intrptr, it is unfortunate but true. They have been exposed for so many examples of corruption or other questionable decisions/situations.

Now the new leadership parrots old and tired (not to mention totally false) points made by previous administrations. If there was ever a doubt there was an agenda at play here...!

Much like their poorly crafted (and ineffective) anti-gun legislation (which didn't consult gun people), cryptographers are telling them NO NO NO (just isn't possible).

They seem to be under the impression that they're more than human. That somehow, they can have "total information awareness" which is simply impossible. The government is too incompetent to ever come close to this

a reply to: luthier


No doubt about it luthier, and a total lack of morals and love for this country/its people. Really is a sick day when those "public officials" only care about winning elections and enriching themselves.

I just don't see a real solution here. For more than 100 years our bloodlines have been dropping the ball, and failed to reign in the expansionist government. Instead of holding them accountable, they swallowed up every lie the FED spewed out. Allowing Constitutional rights to be questioned (or in extremely severe cases, infringed upon), while failing to oppose any and all expansion of government programs/agencies/impact/authority/scope/etc.

The non-thinking among our people (especially ancestors) decided the President should have unilateral authority, and for better or worse that is what we're stuck with now.

Where are the Constitutional constraints?

Why did Citizens allow the grand jury to be usurped by "federal rules and procedures" ?

I want to make something clear to all, which many apparently don't realize. Courts are now extensions of the state, at least in practice. The grand jury is now a practical extension of the state. A truly fair and impartial justice system died at the turn of the 20th century, and not a single shot was fired over it.

Despicable.

The FBI should never be believed or Trusted, watching the love-fest of the FBI switch from 'right to left' is amusing though...

a reply to: TrueBrit


I couldn't agree with those sentiments more my friend

It is a reality that those in any profession/occupation will use that position to their own advantage (in one way or another, even if just accepting a discount on coffee at 7-11). This becomes a true problem when such an individual has extremely sensitive access to national security information (or our private data-which should be protected just as well, but of course isn't)

Agreed!

I'd be much more inclined to listen to their arguments if they also applied to their super-duper TOP SECRET encryption systems. The second they put a back-door for "legal process enforcement" in their own tools/equipment, I'll reconsider my POV (OK- I won't reconsider, it is still a DUMB idea and complete false pretense for illegal domestic spying)

I vote we take whatever risks, including the risk of dying/terror attacks and don't touch crypto. Then again, government can do/say whatever it wants, the algorithms and their audited implementations are available for all to see/download/store/bury/copy.

Part of me almost wants to see them actually try this, just to see them crash and burn. Pride before fall, and what not.