Thursday, October 16, 2014


F.B.I. Director Calls ‘Dark’ Devices a Hindrance to Crime Solving

The director of the F.B.I., James B. Comey, said Thursday that federal laws should be changed to require telecommunications companies to give law enforcement agencies access to the encrypted communications of individuals suspected of crimes.

In a speech at the Brookings Institution in Washington, Mr. Comey warned that crimes could go unsolved if law enforcement officers cannot gain access to information that technology companies like Apple and Google are protecting using increasingly sophisticated encryption technology.

“Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public safety problem,” he said.

Mr. Comey said that he was hoping to spur Congress to update the Communications Assistance for Law Enforcement Act, a 1994 law that requires phone companies to build into their systems an ability to immediately begin wiretapping if presented with a court order.

Online services like Gmail or Facebook are not covered by that law. As people have increasingly communicated over the Internet instead of by phone, the F.B.I. has been pushing since at least 2010 to expand the law so that they would be covered by the same mandate, warning that its ability to carry out wiretap orders is “going dark.”

One aspect of the F.B.I.'s concern has been start-up companies, many of which have not built intercept capabilities into their products. That can cause delays when they receive an order. For their part, the start-ups say that building in such capabilities is costly and could attract malicious hackers.

A separate but related question is whether companies should be permitted to build communications systems that are encrypted end to end, so that the providers are not able to unscramble them even if presented with a lawful wiretap order. That is an increasing trend, and Mr. Comey focused on it as a danger that could facilitate lawbreaking.

“Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism, even with lawful authority,” he said. “We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.”

It was Mr. Comey’s first speech about law enforcement policy since he took over the F.B.I. in September 2013. In his first year, he spent a significant amount of time crisscrossing the country to visit most of the F.B.I.'s 56 field offices.

The battle between Silicon Valley and the intelligence community over information gathering, which had been simmering for 20 years, escalated last month after Apple said it would roll out new encryption for the iPhone that would prevent even Apple from gaining access to customer information.

Cracking the encryption in Apple’s new operating system would take more than five years of trying every possible six-figure alphanumeric passcode, according to an Apple technical guide, though that estimate has been debated among cryptographers.

Continue reading the main story 

Similarly, Google has offered encryption for Android phones for the past three years, but it requires that users switch it on in the phone’s settings. Google has said the latest version of the Android operating system, to be released this month, will ship with encryption turned on by default.

Representatives for Apple did not return requests for comment. A Google spokesman referred to the company’s previous statement on encryption. “People previously used safes and combination locks to keep their information secure — now they use encryption,” the company said in the statement. “It’s why we have worked hard to provide this added security for our users.”

Mr. Comey cited the new iPhone as a sign that encryption might be getting out of hand, although he stopped short of saying that any revision of the surveillance law should require manufacturers to build back doors into the encryption technology used to protect data stored on devices. In the 1990s, the F.B.I. pushed for such back doors but lost that debate.

Mr. Comey did, however, say that the law’s revision should require communications providers to be able to unscramble messages if presented with a court order. That would not require building back doors into encryption, but would require the providers to be able to unscramble the messages.

Gmail, for example, encrypts emails as they flow from users’ computers to Google’s servers, stores them in plain text on its servers, and then encrypts them again as they are sent over the network to recipients. But some services encrypt the contents of messages from start to finish, so the firms pass on the messages but cannot read them or turn them over in plain-text form to law enforcement.

Mr. Comey said he thought that should not be permitted, bringing him back to the position held by the F.B.I. before reports surfaced last year about extensive electronic surveillance by the National Security Agency, based on documents leaked by the former intelligence agency contractor Edward Snowden.

Silicon Valley executives were enraged by revelations from Mr. Snowden’s files that the N.S.A. was not just asking companies to hand over data through secret court orders but also gathering information through the “back door” — breaking into their data centers and stealing encryption keys, or gathering data as it flowed in unencrypted form.

Those revelations, along with claims by technology companies that they are losing billions of dollars a year because of canceled contracts and lost business opportunities, have put the F.B.I. on the defensive.

On Thursday, Mr. Comey insisted that the F.B.I. gathered data only through legal means. “It frustrates me, because I want people to understand that law enforcement needs to be able to access communications and information to bring people to justice,” Mr. Comey said. “We do so pursuant to the rule of law, with clear guidance and strict oversight.”

Countries like Brazil, India and Germany are considering so-called “data localization” laws that would force companies to move their data centers within their borders if they want to operate in these markets. The European Union and Brazil have said that they would run a new undersea fiber-optic cable between Brazil and Portugal to thwart American spying.

Continue reading the main story Continue reading the main story 

Continue reading the main story 

The American Civil Liberties Union responded forcefully to Mr. Comey’s comments about encryption. “Federal law explicitly protects the right of companies to add encryption with no back doors,” Laura W. Murphy, director of the group’s Washington legislative office, said in a written statement. “Whether the F.B.I. calls it a front door or a back door, any effort by the F.B.I. to weaken encryption leaves our highly personal information and our business information vulnerable to hacking by foreign governments and criminals.”

Technology companies have argued that, even with encryption, there are still ways for law enforcement to legally circumvent encryption by intercepting data in the cloud, or by forcing criminal suspects to hand over the passwords to their devices.

On Thursday, Mr. Comey addressed what he called “misconceptions.”

“At the outset, Apple says it’s not that big of a deal,” Mr. Comey said. “Uploading to the cloud doesn’t include all of the stored data on a bad guy’s phone.” And he said it would create a “black hole” if criminals opted not to store any data on the cloud.

Mr. Comey also said that the government was limited in its ability to crack encryption, using so-called “brute force” means in which computers guess at every possible combination. “Even a supercomputer would have difficulty with today’s high-level encryption,” Mr. Comey said, adding that some devices and applications erase encryption keys if too many attempts are made to break a password.

Silicon Valley executives say that complying would significantly increase their costs to build out new data centers abroad, and potentially cost American jobs.

At a panel discussion in Palo Alto, Calif., last week, Colin Stretch, general counsel for Facebook, said that encryption had become a “key business objective” for technology companies. “I’d be fundamentally surprised if anybody takes the foot off the pedal of building encryption into their products,” he said.

If not, said Eric Schmidt, the executive chairman of Google, the impact of the N.S.A. spy revelations on the technology industry could be “severe.”

Tags : ,



The idea behind the text.
Respect for the truth is almost the basis of all morality.
Nothing can come from nothing.

Popular Topics


Well, the way they make shows is, they make one show. That show's called a pilot. Then they show that show to the people who make shows, and on the strength of that one show they decide if they're going to make more shows.

Like you, I used to think the world was this great place where everybody lived by the same standards I did, then some kid with a nail showed me I was living in his world, a world where chaos rules not order, a world where righteousness is not rewarded. That's Cesar's world, and if you're not willing to play by his rules, then you're gonna have to pay the price.

You think water moves fast? You should see ice. It moves like it has a mind. Like it knows it killed the world once and got a taste for murder. After the avalanche, it took us a week to climb out. Now, I don't know exactly when we turned on each other, but I know that seven of us survived the slide... and only five made it out. Now we took an oath, that I'm breaking now. We said we'd say it was the snow that killed the other two, but it wasn't. Nature is lethal but it doesn't hold a candle to man.

You see? It's curious. Ted did figure it out - time travel. And when we get back, we gonna tell everyone. How it's possible, how it's done, what the dangers are. But then why fifty years in the future when the spacecraft encounters a black hole does the computer call it an 'unknown entry event'? Why don't they know? If they don't know, that means we never told anyone. And if we never told anyone it means we never made it back. Hence we die down here. Just as a matter of deductive logic.