Tag Archives: Encryption

JOHN MCAFEE: I’ll decrypt the San Bernardino phone free of charge so Apple doesn’t need to place a back door on its product

Posted on February 20, 2016 | Leave a comment

From John McAfee at businessinsider.com:

Cybersecurity expert John McAfee is running for president in the US as a member of the Libertarian Party. This is an op-ed article he wrote and gave us permission to run.

Using an obscure law, written in 1789 — the All Writs Act — the US government has ordered Apple to place a back door into its iOS software so the FBI can decrypt information on an iPhone used by one of the San Bernardino shooters.

It has finally come to this. After years of arguments by virtually every industry specialist that back doors will be a bigger boon to hackers and to our nation’s enemies than publishing our nuclear codes and giving the keys to all of our military weapons to the Russians and the Chinese, our government has chosen, once again, not to listen to the minds that have created the glue that holds this world together.

This is a black day and the beginning of the end of the US as a world power. The government has ordered a disarmament of our already ancient cybersecurity and cyberdefense systems, and it is asking us to take a walk into that near horizon where cyberwar is unquestionably waiting, with nothing more than harsh words as a weapon and the hope that our enemies will take pity at our unarmed condition and treat us fairly.

Any student of world history will tell you that this is a dream. Would Hitler have stopped invading Poland if the Polish people had sweetly asked him not to do so? Those who think yes should stand strongly by Hillary Clinton’s side, whose cybersecurity platform includes negotiating with the Chinese so they will no longer launch cyberattacks against us.

The FBI, in a laughable and bizarre twist of logic, said the back door would be used only once and only in the San Bernardino case.

Tim Cook, CEO of Apple, replied:

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

No matter how you slice this pie, if the government succeeds in getting this back door, it will eventually get a back door into all encryption, and our world, as we know it, is over. In spite of the FBI’s claim that it would protect the back door, we all know that’s impossible. There are bad apples everywhere, and there only needs to be in the US government. Then a few million dollars, some beautiful women (or men), and a yacht trip to the Caribbean might be all it takes for our enemies to have full access to our secrets.

Cook said:

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The fundamental question is this: Why can’t the FBI crack the encryption on its own? It has the full resources of the best the US government can provide.

To continue reading: JOHN MCAFEE: I’ll decrypt the San Bernardino phone free of charge so Apple doesn’t need to place a back door on its product

Leave a comment

Posted in Civil Liberties, Crime, Government, Surveillance, Technology

Tagged ,

Upgrade Your iPhone Passcode to Defeat the FBI’s Backdoor Strategy, by Micah Lee

Posted on February 20, 2016 | Leave a comment

From Micah Lee, at theintercept.com:

YESTERDAY, APPLE CEO TIM COOK published an open letter opposing a court order to build the FBI a “backdoor” for the iPhone.

Cook wrote that the backdoor, which removes limitations on how often an attacker can incorrectly guess an iPhone passcode, would set a dangerous precedent and “would have the potential to unlock any iPhone in someone’s physical possession,” even though in this instance, the FBI is seeking to unlock a single iPhone belonging to one of the killers in a 14-victim mass shooting spree in San Bernardino, California, in December.

It’s true that ordering Apple to develop the backdoor will fundamentally undermine iPhone security, as Cook and other digital security advocates have argued. But it’s possible for individual iPhone users to protect themselves from government snooping by setting strong passcodes on their phones — passcodes the FBI would not be able to unlock even if it gets its iPhone backdoor.

The technical details of how the iPhone encrypts data, and how the FBI might circumvent this protection, are complex and convoluted, and are being thoroughly explored elsewhere on the internet. What I’m going to focus on here is how ordinary iPhone users can protect themselves.

The short version: If you’re worried about governments trying to access your phone, set your iPhone up with a random, 11-digit numeric passcode. What follows is an explanation of why that will protect you and how to actually do it.

If it sounds outlandish to worry about government agents trying to crack into your phone, consider that when you travel internationally, agents at the airport or other border crossings can seize, search, and temporarily retain your digital devices — even without any grounds for suspicion. And while a local police officer can’t search your iPhone without a warrant, cops have used their own digital devices to get search warrants within 15 minutes, as a Supreme Court opinion recently noted.

The most obvious way to try and crack into your iPhone, and what the FBI is trying to do in the San Bernardino case, is to simply run through every possible passcode until the correct one is discovered and the phone is unlocked. This is known as a “brute force” attack.

For example, let’s say you set a six-digit passcode on your iPhone. There are 10 possibilities for each digit in a numbers-based passcode, and so there are 106, or 1 million, possible combinations for a six-digit passcode as a whole. It is trivial for a computer to generate all of these possible codes. The difficulty comes in trying to test them.

One obstacle to testing all possible passcodes is that the iPhone intentionally slows down after you guess wrong a few times. An attacker can try four incorrect passcodes before she’s forced to wait one minute. If she continues to guess wrong, the time delay increases to five minutes, 15 minutes, and finally one hour. There’s even a setting to erase all data on the iPhone after 10 wrong guesses.

This is where the FBI’s requested backdoor comes into play. The FBI is demanding that Apple create a special version of the iPhone’s operating system, iOS, that removes the time delays and ignores the data erasure setting. The FBI could install this malicious software on the San Bernardino killer’s iPhone, brute force the passcode, unlock the phone, and access all of its data. And that process could hypothetically be repeated on anyone else’s iPhone.

(There’s also speculation that the government could make Apple alter the operation of a piece of iPhone hardware known as the Secure Enclave; for the purposes of this article, I assume the protections offered by this hardware, which would slow an attacker down even more, are not in place.)

Even if the FBI gets its way and can clear away iPhone safeguards against passcode guessing, it faces another obstacle, one that should help keep it from cracking passcodes of, say, 11 digits: It can only test potential passcodes for your iPhone using the iPhone itself; the FBI can’t use a supercomputer or a cluster of iPhones to speed up the guessing process. That’s because iPhone models, at least as far back as May 2012, have come with a Unique ID (UID) embedded in the device hardware. Each iPhone has a different UID fused to the phone, and, by design, no one can read it and copy it to another computer. The iPhone can only be unlocked when the owner’s passcode is combined with the the UID to derive an encryption key.

So the FBI is stuck using your iPhone to test passcodes. And it turns out that your iPhone is kind of slow at that: iPhones intentionally encrypt data in such a way that they must spend about 80 milliseconds doing the math needed to test a passcode, according to Apple. That limits them to testing 12.5 passcode guesses per second, which means that guessing a six-digit passcode would take, at most, just over 22 hours.

You can calculate the time for that task simply by dividing the 1 million possible six-digit passcodes by 12.5 per seconds. That’s 80,000 seconds, or 1,333 minutes, or 22 hours. But the attacker doesn’t have to try each passcode; she can stop when she finds one that successfully unlocks the device. On average, it will only take 11 hours for that to happen.

But the FBI would be happy to spend mere hours cracking your iPhone. What if you use a longer passcode? Here’s how long the FBI would need:

seven-digit passcodes will take up to 9.2 days, and on average 4.6 days, to crack
eight-digit passcodes will take up to three months, and on average 46 days, to crack
nine-digit passcodes will take up to 2.5 years, and on average 1.2 years, to crack
10-digit passcodes will take up to 25 years, and on average 12.6 years, to crack
11-digit passcodes will take up to 253 years, and on average 127 years, to crack
12-digit passcodes will take up to 2,536 years, and on average 1,268 years, to crack
13-digit passcodes will take up to 25,367 years, and on average 12,683 years, to crack

To continue reading: Upgrade Your iPhone Passcode to Defeat the FBI’s Backdoor Strategy

Leave a comment

Posted in Civil Liberties, Crime, Government, Surveillance, Technology

Tagged ,

Secret Memo Details U.S.’s Broader Strategy to Crack Phones, by Michael Riley and Jordan Robertson

Posted on February 19, 2016 | 2 comments

From Michael Riley and Jordan Robertson at bloomberg.com:

‘Decision memo’ directs agencies to find ways to access data

Officials met around Thanksgiving to discuss encryption plans

Silicon Valley celebrated last fall when the White House revealed it would not seek legislation forcing technology makers to install “backdoors” in their software — secret listening posts where investigators could pierce the veil of secrecy on users’ encrypted data, from text messages to video chats. But while the companies may have thought that was the final word, in fact the government was working on a Plan B.

In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.’s iPhone, the marquee product of one of America’s most valuable companies, according to two people familiar with the decision.

The approach was formalized in a confidential National Security Council “decision memo,” tasking government agencies with developing encryption workarounds, estimating additional budgets and identifying laws that may need to be changed to counter what FBI Director James Comey calls the “going dark” problem: investigators being unable to access the contents of encrypted data stored on mobile devices or traveling across the Internet. Details of the memo reveal that, in private, the government was honing a sharper edge to its relationship with Silicon Valley alongside more public signs of rapprochement.

On Tuesday, the public got its first glimpse of what those efforts may look like when a federal judge ordered Apple to create a special tool for the FBI to bypass security protections on an iPhone 5c belonging to one of the shooters in the Dec. 2 terrorist attack in San Bernardino, California that killed 14 people. Apple Chief Executive Officer Tim Cook has vowed to fight the order, calling it a “chilling” demand that Apple “hack our own users and undermine decades of security advancements that protect our customers.” The order was not a direct outcome of the memo but is in line with the broader government strategy.

White House spokesman Josh Earnest said Wednesday that the Federal Bureau of Investigation and Department of Justice have the Obama administration’s “full” support in the matter. The government is “not asking Apple to redesign its product or to create a new backdoor to their products,” but rather are seeking entry “to this one device,” he said.

Security specialists say the case carries enormous consequences, for privacy and the competitiveness of U.S. businesses, and that the National Security Council directive, which has not been previously reported, shows that technology companies underestimated the resolve of the U.S. government to access encrypted data.

To continue reading: Secret Memo Details U.S.’s Broader Strategy to Crack Phones

2 Comments

Posted in Business, Civil Liberties, Crime, Government, Surveillance, Technology

Tagged ,

Question of the Day, by Back in PA Mike

Posted on February 18, 2016 | Leave a comment

From Back in PA Mike at theburningplatform.com:

Should federal judges be in the business of forcing private companies to invent things to destroy the security of their product and help them with their investigations?

From AP, yes, they still exist.

NEW YORK (AP) — Faced with a federal judge’s order to help investigators break into an iPhone used by one of the San Bernardino, California, shooters, Apple may well argue that the request places an unreasonable burden on the company.

In fact, experts say that complying with the government’s request wouldn’t be particularly challenging for Apple. But doing so might set a dangerous precedent that could threaten the data security of the millions of iPhone users around the world.

The phone in question was used by Syed Farook, who along with his wife, Tashfeen Malik, killed 14 people in a December attack. Investigators don’t know if the phone contains important evidence about the attack or the couple’s communications — and because its contents are encrypted, they won’t unless they can get the passcode to unlock it. The phone was issued by Farook’s employer, the county of San Bernardino.

Investigators can’t just try random passcodes until they hit on the right one, either. The phone has apparently enabled an Apple security feature — a sort of self-destruct option that would render the phone’s data unreadable after 10 incorrect passcode attempts.

The judge’s order requires Apple to create a unique software package — one Apple CEO Tim Cook described as “a new version of the iPhone operating system” — that would allow investigators to bypass the self-destruct system. The same software would also let the government enter passcodes electronically, eliminating both the tedium of manual entry and the enforced delays the iPhone system imposes after a few wrong guesses.

Apple opposes the order, arguing that such software would amount to a security “backdoor” that would ultimately make iPhone users across the globe more vulnerable to information or identity theft. Both the ACLU and the Electronic Frontier Foundation have pledged to support Apple, saying that the government’s request endangers security and privacy.

From a technical perspective, making such software shouldn’t be difficult for Apple, experts say. But once created, it would be nearly impossible to contain, says Ajay Arora, CEO and co-founder of Vera, a startup that provides companies with encryption services.

“Imagine if that got into the wrong hands,” he says. “What they’re asking for is a God key — and once you get that, there’s no going back.”

The demands being made of Apple border on the bizarre, says Lee Tien, a staff attorney for the Electronic Frontier Foundation, a digital rights group. “Asking a technology company to make its security less secure is a crazy, stupid thing to do,” he says. “It’s like asking water not to be wet.”

The government’s best bet may be to argue that its request doesn’t actually create a backdoor, even if that’s how Apple characterizes the request, says Robert Cattanach, a former Justice Department attorney. But Apple is probably right to worry that a government win in this case will lead to broader requests down the road.

“If the court rules in favor of the government, then I think the stage has been set for the next step, which is, ‘Thanks for removing the auto-wipe. Now you need to help us defeat the code’,” Cattanach says. “If you’re the government, you’re going to ask for that.”

__

AP Technology Writers Brandon Bailey and Michael Liedtke in San Francisco contributed to this report.

http://www.theburningplatform.com/2016/02/18/question-of-the-day/

Leave a comment

Posted in Civil Liberties, Government

Tagged ,

IMPORTANT, PLEASE REPOST: Apple Vows to Defend Its Customers as the FBI Launches a War on Privacy and Security, by Michael Krieger

Posted on February 17, 2016 | 1 comment

In the interest of getting this important article as widely read as possible, it is posted in its entirety. There are numerous links to other Liberty Blitzkrieg articles in the original article. To access those links, clink the link at the end of the article and go directly to the original. From Michael Krieger at libertyblitzkrieg.com:

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

– From Apple CEO Tim Cook’s letter: A Message to Our Customers

I’ve spend most of the morning reading as much as possible about the explosive battle between the FBI and Apple over consumer rights to digital privacy and security. I came away with a refined sense of just how monumental this case is, as well as a tremendous amount of respect for Apple CEO Tim Cook for his public stance against the feds.

Before I get into the issue at hand, some background is necessary. The feds, and the FBI in particular, have been very vocal for a long time now about the desire to destroy strong encryption, i.e., the ability of citizens to communicate privately. A year ago, I wrote the following in the post, By Demanding Backdoors to Encryption, U.S. Government is Undermining Global Freedom and Security:

One of the biggest debates happening at the intersection of technology and privacy at the moment revolves around the U.S. government’s fear that the American peasantry may gain access to strong encryption in order to protect their private communications. Naturally, this isn’t something Big Brother wants to see, and the “solution” proposed by the status quo revolves around forcing technology companies to provide a way for the state to have access to all secure communications when they deem it necessary.

Many technology experts have come out strongly against this plan. Leaving aside the potential civil liberties implications of giving the lawless maniacs in political control such power, there’s the notion that if you create access for one group of entitled people, you weaken overall security. Not to mention the fact that if the U.S. claims the right to such privileged access, all other countries will demand the same in return, thus undermining global privacy rights and technology safeguards.

We are already seeing this play out in embarrassing fashion. Once again highlighting American hypocrisy and shortsightedness, as well as demonstrating that the U.S. government does’t actually stand for anything, other than the notion that “might means right.” Sad.

Here are a few other previously published articles on the topic:

The War on Encryption and Bitcoin – Nothing to Do with Terrorism, Everything to Do with State Control

Government is Lying – New Study Shows No Increase in Use of Encryption by Jihadists Since Snowden Revelations

War on Encryption: Highlighting Two Crucial Articles on the Latest NSA Revelations

With that out of the way, let’s turn our attention to the issue at hand. Specifically, how Tim Cook, CEO of Apple, threw down the gauntlet yesterday in a message to his customers. Here are a few critical excerpts:

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority. The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Indeed, as Edward Snowden noted on Twitter:

The @FBI is creating a world where citizens rely on #Apple to defend their rights, rather than the other way around. https://t.co/vdjB6CuB7k

— Edward Snowden (@Snowden) February 17, 2016

Tim Cook deserves tremendous credit for the courage to come out and so aggressively and publicly denounce what the FBI is trying to do. If he hadn’t decided to publicly challenge the court order and write a detailed treatise on precisely why, the American citizenry would be left completely in the dark. This would be an unethical and unacceptable position.

Second, this case could very well be headed up to higher courts. The greatest risk in these sorts of cases revolves around judicial ignorance when it comes to technology issues. The government knows all too well that most judges are clueless when it comes to tech, and that all they have to do is scaremonger with the word “terrorism” and judges will almost always default to the government position. Cook’s very public stance will at least shine some light on the issue and hopefully fuel robust, intelligent public debate which could inform judges ahead of being presented with technology related cases they don’t really understand.

I’d now like to share additional tidbits I discovered from various articles around the web on the topic. First, from Ars Technica:

“[The Department of Justice] went with the nuclear option,” Chris Soghoian, a technologist with the American Civil Liberties Union, told Ars.

Similarly, Ahmed Ghappour, a law professor at the University of California, Hastings, concurred.

“Here you have the government using a catch-all statute from the 18th century to compel a technology company to ‘assist’ law enforcement by designing custom software to backdoor an encrypted device,” he told Ars. “The ramifications of such a precedent could be tremendous. If the government can compel Apple to provide custom software, why can’t they compel Facebook to customize analytics that predicts the criminality of their user base?”

Now here’s what a member of Congress who actually understands technology had to say on the matter. From the Daily Dot:

A federal judge’s order directing Apple to help the FBI break into the San Bernardino shooter’s iPhone effectively “forces private-sector companies like Apple to be used as an arm of law enforcement,” one of the most prominent pro-encryption voices in Congress said Tuesday night.

Rep. Ted Lieu (D-Calif.), a Stanford University computer-science graduate, wondered where the use of the All Writs Act—on which the magistrate judge based her ruling—might lead.

Critics of the order argue that, based on its wording, all software companies could be forced to insert potentially harmful code into their products, because, as the government argued, “writing software code is not an unreasonable burden for a company that writes software code as part of its regular business.”

“Can courts compel Facebook to provide analytics of who might be a criminal?” Lieu said in an email to the Daily Dot. “Or Google to give a list of names of people who searched for the term ISIS? At what point does this stop?”

Recall, I’ve highlighted Rep. Lieu’s efforts in the past. See the post: This is What Happens When a Member of Congress Holds a Computer Science Degree (*Hint: Logic).

Moving along, the Obama administration is now coming out and claiming that it’s not looking for a backdoor. Reuters reports:

Feb 17 The court ruling ordering Apple Inc. to help unlock an iPhone belonging to one of the San Bernardino attackers represents just one case, the White House said on Wednesday, emphasizing that the U.S. Department of Justice is asking the tech giant for access to a single device.

In a briefing with reporters, White House spokesman Josh Earnest deferred to the Justice Department but said it’s important to recognize that the government is not asking Apple to redesign its product or “create a new backdoor to its products.”

But let’s revisit Tim Cook’s exact words. He wrote:

They have asked us to build a backdoor to the iPhone.

Given the fact the Obama administration is essentially calling Tim Cook a liar, I decided to initiate a Twitter poll (final results are not yet in, but it stands at 94% voting Tim Cook).

Poll Time: Tim Cook says the government is asking for a backdoor. Obama says it isn’t. Who’s telling the truth?

— Michael Krieger (@LibertyBlitz) February 17, 2016

Please share this post. It is monumentally important that as much of the public as possible (including judges) knows exactly what’s at stake here. Do we really want to sacrifice overall privacy and security in order to get information from one person’s phone?

Or what about the following question posed by cryptography professor Matthew Green:

If the US government dictating iPhone encryption design sounds ok to you, ask yourself how you’ll feel when China demands the same.

— Matthew Green (@matthew_d_green) February 17, 2016

These are enormous questions with tremendous implications. I just hope we as a society choose wisely.

In Liberty,
Michael Krieger

http://libertyblitzkrieg.com/2016/02/17/apple-vows-to-defend-its-customers-as-the-fbi-launches-a-war-on-privacy-and-security/

 

 

1 Comment

Posted in Civil Liberties, Government, Intelligence, Law, Surveillance

Tagged ,

Technology Is a Mysterious Enemy to Politicians, by Lucy Steigerwald

Posted on December 18, 2015 | Leave a comment

From Lucy Steigerwald at antiwar.com:

The most recent Republican debate for the 2016 election was unsurprisingly dominated by the shadow of terrorism and war. The Paris attacks that killed more than 130 people, plus the 14 deaths in San Bernardino, California seem to have brought about a new-old sentiment among Republicans. The year is now somewhere between 2001 and 2005 again.

One thing that has changed since the height of Bush-and-Cheney paranoia? Technology. The Internet is our lives like it wasn’t in the pre-iPhone days. And with great dependence comes great(er) government-induced fear-mongering.

Encryption is often the big boogeyman, a sentiment which Ohio Gov. John Kasich expressed at the debate. As always, details of who used what to plan what terrorist attack never seem to matter so much as frightening hypotheticals. The NSA’s dragnet spying is vital. We are in danger every moment one legal justification for that program is down, and we must bring it back. So said Sen. Marco Rubio at the debate, a point that is generally echoed by every candidate on stage except for Sen. Rand Paul (and Sen. Ted Cruz on a good day).

These presidential candidates are pandering to the right, powerful people. Feds constantly say they cannot afford to “go dark.” Meaning, they need on-demand backdoor access to servers and mobile devices and cannot let technology leave them powerless to spy and snoop.

Apple and Google have responded to the question of how much they should oblige law enforcement by taking the decision out of their own hands altogether. Full device encryption is standard on all Apple and Android devices sold with the current operating systems. The keys for this encryption is stored locally and not held by Apple or Google. That’s one way to get around certain requests, and it is a way that ticks off many of the people who are dying to be the so-called leader of the free world.

Former Hewlett-Packer CEO Carly Fiorina spoke critically about tech at the debate as well. (She also he told the vaguest Tom Clancy novel plot summary of all time about the time she happily shared technology with the NSA, so they could more easily implement the STELLARWIND wiretapping.) She may be the most adamantly anti-technology, anti-Fourth Amendment of the Republican candidates, speaking about the PATRIOT Act not in terms of its horrible legacy, but in terms of something nice that needs a serious tune-up in 2015. In her mind, government’s job is to keep pace with each new method of communication, or new technological toy. The idea that anonymity has value has not occurred to her. Not when terrorists are out there. And companies shouldn’t need to be forced to comply, they should do it anyway.

Naturally, the idea that cyber-terrorists are a serious threat but also the government needs to be able to force backdoor access into devices is one that government officials can hold flawlessly in their compartmentalized minds. Even if the latter would make life much easier for any malevolent hacker. And even if law enforcement still has many other options when it comes to snooping out data and communications.

To continue reading: Technology Is a Mysterious Enemy to Politicians

Leave a comment

Posted in Civil Liberties, Government, Surveillance, Technology

Tagged ,

Government is Lying – New Study Shows No Increase in Use of Encryption by Jihadists Since Snowden Revelations, by Michael Krieger

Posted on November 19, 2015 | Leave a comment

From Michael Krieger at libertyblitzkrieg.com

Speaking less than three days after coordinated terrorist attacks in Paris killed 129 and injured hundreds more, Mr. Brennan complained about “a lot of hand-wringing over the government’s role in the effort to try to uncover these terrorists.”

What he calls “hand-wringing” was the sustained national outrage following the 2013 revelations by Edward Snowden, a former National Security Agency contractor, that the agency was using provisions of the Patriot Act to secretly collect information on millions of Americans’ phone records.

It is hard to believe anything Mr. Brennan says. Last year, he bluntly denied that the C.I.A. had illegally hacked into the computers of Senate staff members conducting an investigation into the agency’s detention and torture programs when, in fact, it did. In 2011, when he was President Obama’s top counterterrorism adviser, he claimed that American drone strikes had not killed any civilians, despite clear evidence that they had. And his boss, James Clapper Jr., the director of national intelligence, has admitted lying to the Senate on the N.S.A.’s bulk collection of data. Even putting this lack of credibility aside, it’s not clear what extra powers Mr. Brennan is seeking.

– From the New York Times editorial board article: Mass Surveillance Isn’t the Answer to Fighting Terrorism

Let’s get a few things clear right off the bat.

U.S. intelligence agencies have been waiting for a terror attack to do two things. 1) Blame Edward Snowden. 2) Target Encryption.

This is why in the immediate aftermath of the Paris tragedy, we saw the following…

From the post, Meet the Institution Most Intent on Destroying American Freedom – (*Hint: It’s Not ISIS):

CIA Director John Brennan said Monday he suspects the Islamic State is currently working on more terrorist plots against the West following Friday’s attack in Paris that killed at least 129 people and injured hundreds more. He also criticized new privacy protections enacted after Edward Snowden’s disclosures about U.S. government surveillance practices.

In his remarks, Brennan said the attacks should serve as a “wake-up call” for those misrepresenting what intelligence services do to protect innocent civilians. He cited “a number of unauthorized disclosures, and a lot of handwringing over the government’s role in the effort to try to uncover these terrorists.”

To continue reading: No Increase in Use of Encryption by Jihadists Since Snowden Revelations

Leave a comment

Posted in Civil Liberties, Government, Surveillance

Tagged ,

Government Spies See Opportunity in Terrorist Attack, by Jason Farrell

Posted on September 25, 2015 | Leave a comment

From Jason Farrell, at antiwar.com:

As if they weren’t Machiavellian enough, spy agencies are evidently waiting for the next terrorist attack to change public opinion on the need for encryption backdoors, reports The Washington Post.

The intelligence community’s top lawyer, Robert S. Litt, lamented in a leaked email that “the legislative environment is very hostile today … [but] it could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.” According to the Post, Litt suggested there may be value in “keeping our options open for such a situation.”

A second senior intelligence official added: “People are still not persuaded this is a problem. People think we have not made the case. We do not have the perfect example where you have the dead child or a terrorist act to point to, and that’s what people seem to claim you have to have.”

The intelligence community has been frustrated by resistance to its attempts to weaken encryption through legislation. Congress does not have any legislation on deck that would require companies to hack their own customers if the government can produce a warrant. A “dead child” would undoubtedly help their cause with the public. But their “we need a terrorist attack to prove that people should be worried about terrorist attacks” theory is troubling, to put it mildly.

To continue reading: Government Spies See Opportunity in Terrorist Attack

Leave a comment

Posted in Civil Liberties, Other Views

Tagged ,

Are We Getting Somewhere on Tech Privacy? by Lucy Steigerwald

Posted on September 18, 2015 | Leave a comment

From Lucy Steigerwald at antiwar.com:

On September 16, The Washington Post reported that the Obama administration may be looking for a détente in the encryption wars. For proof, they offered a leaked draft of a National Security Council paper which said that Obama should not support a law mandating a decryption backdoor in tech devices.

This bodes very well. For months, federal law enforcement has been in a tizzy over the prospect of automatic encryption in Apple and Android devices. Federal Bureau of Investigation (FBI) director James Comey said that it would benefit pedophiles. Other national security officials echoed these melodramatic sentiments. Later, UK Prime Minister David Cameron came out against unbreakable encryption. Recently GOP candidate Jeb Bush said that “evildoers” would use this enhanced privacy for…doing evil.

Apple seems to be leading this new “you can’t stop us” charge, since it began with last year’s announcement that their IOS8 would make Apple itself unable to comply with certain law enforcement requests. Previously, users could choose to encrypt their devices, but making it all automatic means someone would have to opt out of these privacy measures. This could set a fantastic precedent for privacy. Now a user need not have the tech savvy of an Edward Snowden in order to have their data secret. It will be automatic. It will be an easily purchasable commodity, even in this era of Smartphones.

The US government is currently in a fight with Microsoft, who fought a warrant in a drug investigation because their servers are in Ireland, not the States. Microsoft argues that this precedent does not bode well for dissidents in more authoritarian countries, in which governments might try to force tech companies to reveal identifying information. Strong encryption, as the NSC paper notes, would in many ways lead to increased trust in the US, and certainly in US companies. The Post sums it up: that the NSC thinks that letting Apple and the other companies have their automatic encryption “would counter the narrative that the United States is seeking to expand its surveillance capability at the expense of cybersecurity.”

Official sentiment – barring that of law enforcement – seems to be going a little more in this direction. If Obama really does back off of support for a law, and Congress is unlikely to actually get one together, privacy may simply win by default. Companies move faster than bureaucracy, and they are getting more scrappy since Snowden.

To continue reading: Are We Getting Somewhere on Tech Privacy?

Leave a comment

Posted in Civil Liberties, Other Views, Surveillance

Tagged ,

Top Computer Security Expert Warns – David Cameron’s Plan to Ban Encryption Would “Destroy the Internet”, by Michael Krieger

Posted on July 10, 2015 | 1 comment

Just the other day James Comey, the head of the FBI, argued against encryption technology that won’t allow the government its peek into private communications, so this nonsense isn’t limited to the UK. From Michael Krieger at libertyblitzkrieg.com:

BUSINESS INSIDER: What was your immediate reaction to Cameron’s proposals?

Bruce Schneier: My immediate reaction was disbelief, followed by confusion and despair. When I first read about Cameron’s remarks, I was convinced he had no idea what he was really proposing. The idea is so preposterous that it was hard to imagine it being seriously suggested. But while Cameron might not understand what he’s saying, surely he has advisers that do. Maybe he didn’t listen to them. Maybe they aren’t capable of telling him that what he’s saying doesn’t make sense. I don’t understand UK politics sufficiently well to know what was going on in the background. I don’t know anything about Cameron’s tech background. But the only possibly explanation is that he didn’t realize the full extent of what he was saying.

Then I wondered why he would even wish for such a thing? Does he realize that this is the sort of thing that only authoritarian governments do? Again, my knowledge of the UK is limited, but I assume they are a free country that champions liberty.

– From the Business Insider article: David Cameron’s Proposed Encryption Ban Would ‘Destroy the Internet’

I’ve discussed UK Prime Minister David Cameron’s idiotic, futile and extremely dangerous scheme to ban encryption previously here at Liberty Blitzkrieg. Most recently, in the post, Britain’s “War on Terror” Insanity Continues – David Cameron Declares War on Encryption, in which I explained how Cameron immediately seized upon the terrorist attacks in France to propose more fascist nonsense:

When it comes to the “war on terror,” the United Kingdom embraces a unique form of paranoia and hatred for civil liberties that leaves pretty much all other Western nations in the dust. Although it isn’t the country in which I reside, the extraordinarily close diplomatic ties between the U.S. and the UK results in my paying particular attention to what transpires over in Albion.

Unsurprisingly, the recent attacks Charlie Hebdo attacks across the English Channel were more than sufficient to get UK Prime Minister David Cameron hot and bothered enough to immediately call for more power for the government, and less civil liberties for the citizenry. In his latest twisted authoritarian fantasy, Mr. Cameron has decided to declare war on encryption. In other words, a war on private communications between citizens.
In the aftermath of such a push (which U.S. FBI chief James Comey is fully behind), pretty much every computer security expert and technologist has come out and blasted the stupidity of the concept. Bruce Schneier takes the criticism one step further by proclaiming that Cameron’s plan would “destroy the internet.”

To continue reading: David Cameron’s Plan to Ban Encryption Would “Destroy the Internet”

1 Comment

Posted in Civil Liberties, Other Views, Technology

Tagged , ,