Former NSA Lawyer Says Reason Blackberry Failed Was 'Too Much Encryption' Warns Google/Apple Not To Make Same Mistake
from the give-it-a-rest,-stew dept
There are times that I wonder if former NSA General Counsel Stewart Baker is just trolling with his various comments, because they’re so frequently out of touch with reality, even though he’s clearly an intelligent guy. His latest is to join in with the misguided attacks on Apple and Google making mobile encryption the default on iOS and Android devices, with an especially bizarre argument: protecting the privacy of your users is bad for business. Oh really? Specifically, Baker engages in some hysterically wrong historical revisionism concerning the rise and fall of RIM/Blackberry:
Baker said encrypting user data had been a bad business model for Blackberry, which has had to dramatically downsize its business and refocus on business customers. ?Blackberry pioneered the same business model that Google and Apple are doing now – that has not ended well for Blackberry,? said Baker.
He claimed that by encrypting user data Blackberry had limited its business in countries that demand oversight of communication data, such as India and the UAE and got a bad reception in China and Russia. ?They restricted their own ability to sell. We have a tendency to think that once the cyberwar is won in the US that that is the end of it – but that is the easiest war to swim.?
While it’s true that some countries, like India, demanded the right to spy on Blackberry devices, the idea that this was the reason for the company’s downfall is ludicrous. First of all, RIM gave in to some of those demands anyway. But, more importantly, the reason that Blackberry failed was because the company just couldn’t keep up from an innovation standpoint — and that’s because early on it made the decision to focus onenforcing patents, rather than truly innovating. RIM got fat and lazy by getting an early lead and then focusing on protecting it, rather than keeping up with the market. And… one of the reasons it got that early lead was because companies were willing to buy into the Blackberry in part because of its strong encryption.
The idea that encryption was bad for business because China and Russia couldn’t spy on people is not only ridiculous and silly, but it appears to be Baker supporting authoritarian states spying on its citizenry. What the hell, Stewart?
Beyond that, Baker insists that, really, the public doesn’t want encryption anyway, and if people only knew what was really going on with the “bad guys,” we’d all be willing to give up our privacy:
Baker said the market for absolute encryption was very small, and that few companies wanted all their employees? data to be completely protected. ?There?s a very comfortable techno-libertarian culture where you think you?re doing the right thing,? said Baker.
?But I?ve worked with these companies and as soon as they get a law enforcement request no matter how liberal or enlightened they think they are, sooner to later they find some crime that is so loathsome they will do anything to find that person and identify them so they can be punished.
Right. And that’s what basic police and detective work is for. It doesn’t mean that you need to weaken the security and privacy of everyone else. Anyway, let’s see if Baker goes out and shorts Apple and Google’s stock now that he believes encryption and protecting the privacy of their users is really so bad for business.
Filed Under: blackberry, china, cryptowars, encryption, india, nsa, russia, stewart baker, surveillance
Companies: apple, blackberry, google, rim
Comments on “Former NSA Lawyer Says Reason Blackberry Failed Was 'Too Much Encryption' Warns Google/Apple Not To Make Same Mistake”
Unless you intentionally mislead the average Joe into thinking that encryption is only used for criminal activities nobody will agree with anything being said here. Encryption is both essential and desirable.
I used “mislead” and “only” in italics because that’s precisely the strategy I began to see here and it’s spreading throughout the world (I’ve seen clueless news here parroting the same bullshit). I think it’s about time we unite and start explaining what encryption is and why these morons from law enforcement advocating against it are so wrong.
Re: Re:
Horse drawn buggies have failed in the marketplace and they have round wheels. Therefore, the automotive industry should take note of that fact and remove round wheels from automobiles before they too fail!
Re: Re: Re:
It’s the 21st century. Where’s my hovercar, dude?
Re: Re: Re: Re:
Will you settle for a hoverboard?
Re: Re: Re:2 Re:
Cool. But it’s not atomic jet-powered.
It’s the 21st century. Dude, I want my atomic jet-powered hovercar.
I’m not actually all that bothered about encryption on my phone – I don’t keep much on it anyway and I can remotely wipe / disable / back up / track it anyway.
On my computer however, things are a little different. I use bitlocker to ensure it is all encrypted (Using both a TPM and a USB key which I carry around with me) – not to stop law enforcement (although they would have to have a very convincing warrant for me to give up the keys), but because I use it to run an offsite backup of works servers – which, as we are a scanning bureau, contain over 400GB of data, most of which consists of legal files for criminal cases, personal data, accountancy data etc. It would probably be criminal for me to NOT keep this kind of information encrypted!
Re: Re:
“I use bitlocker”
Which you shouldn’t do.
Re: Re: Re:
Strongly concur (with John). Please see:
http://cryptome.org/2014/11/ms-onedrive-nsa-prism.htm
Re: Re: Re: Re:
That’s only for desktop users. If you run your own Active Directory, you can store keys in the server and nothing touches Microsoft. Same is also true for Apple’s FileVault. With the death of TrueCrypt, and CipherShed still not fully vetted, alternatives are still sort of limited. Though I would probably trust CipherShed more than Symantec/McAfee at this point.
Also you can use Bitlocker without ever signing into a Microsoft account on account creation, thus no OneDrive to upload to. The same is true for Apple’s FileVault.
As far as security, they’ve both pretty well have been vetted, even Bruce Schneier’s blog says that they are not bad.
BitLocker
FileVault2
What half of the idiots don’t realize is that FDE is only good when the device is turned off, and even then with enough time and effort pretty much anything is vulnerable if they have the hardware.
Re: Re: Re:2 Re:
There are several other issues with Bitlocker that have nothing to do with who holds the keys, including that it uses the problematic Windows crypto APIs to perform the encryption.
Re: Re: Re:2 Re:
AES ?
I am informed that the Earth is believed to be about 4 1/2 billion years old. The best guesses for the age of the universe, I think, are about three times that.
There are also energy considerations. Via Schneier:
Re: Re: Re:3 Re:
Who said you have to defeat the encryption?
I guess you never heard of the evil maid attack, Van Eck phreaking?
Pretty cool experiment if you are interested: Hack-a-day
Re: Re: Re:4 Re:
I should have quoted a little bit more, I guess:
The commenter’s assertion was: “[T]he device is turned off, and even then with enough time and effort…”
Re: Re: Re:5 Re:
And of course, encryption is not meant to withstand any attack forever. It is intended to exceed the resources (time, money, focus, constraints, etc.) an attacker would reasonably bring to bear to gain access through the encryption layer vs. obtaining that data via other methods. Essentially, it is cost/benefit analysis.
We also act in faith to a certain extent that the assumptions behind a particular method of encryption haven’t changed. (I.e. a mathematically efficient way to reverse a one-way function or a weakness in “random” number generation has not secretly discovered.)
The “my data is encrypted using xyz method and you will never be able to get to it. Never! Bwahahahaha!” is unrealistic. Methods to protect data are business decisions as well as technical ones, so using commercial tools in a way that reduces the likelihood of preinstalled backdoors is reasonable.
One might presume the reason the NSA screams so loudly about large shifts toward even moderately strong encryption is not because they can never decrypt any particular communication, but rather because they can’t easily intercept/store the vast majority of communication (and have a much narrower field of “interesting” encrypted traffic). In other words, the cost/benefit ratio has been shifted dramatically.
After all, if a government really wants my data and is not constrained by law, there are extremely efficient decryption solutions available today that can defeat any known methods of encryption I may have employed.
https://xkcd.com/538/
Re: Re: Re:3 Re:
“… with enough time and effort pretty much anything is vulnerable…”
With a single change, this assertion is correct. The change is to remove the words “pretty much”.
Even AES. All of those claims about how it would take longer than the lifespan of the universe to break are based on brute-force attacks, which is not how breaking them is done in the real world.
Ignoring quantum encryption (which is still purely experimental and largely theoretical) and excepting one-time pads (which are very difficult — although certainly not impossible — to do properly), there is no encryption scheme which is unbreakable.
The value of encryption is not to keep something a secret forever. If you need to do that, then you’re better off using different methods. The value is to make breaking so time-consuming and expensive that by the time it has been accomplished, the data that was encrypted is not so critical anymore.
Re: Re: Re:4 Re:
Do you have a proof of that?
To prove:
I’ve never seen that proof.
No more than I’ve ever seen a proof that P != NP.
Re: Re: Re:5 Re:
Immediate prior clause from the post
A one time pad, done properly is theoretically unbreakable. Because it uses a pure random key, it is possible to generate a key, of the same length as the message, to translate (decrypt) it into any string of the same length; which includes all meaningful strings of the message length, including padded strings, in all languages that can be represented in the coding scheme that could be represented by the encrypted message. Hence, providing a key that produces a meaningful message is not proof that that is what was sent.
Re: Re: Re:5 Re:
No, I have no mathematical proof. However, the assertion has so far held true empirically. You’re right, that this is much like the P != NP problem, and must be considered in an analogous way: until the assertion is mathematically settled, we have to go by empirical observation.
Re: Re: Re:6 Re:
Intuitively, I believe your claim was “P == NP”, and I’m kinda noodling around with an actual proof that is indeed what you claimed.
Fwiw, the other AC’s reply also got me to thinking about Kolmogorov complexity.
Re: Re: Re:7 Re:
“Intuitively, I believe your claim was “P == NP””
Yes, I wasn’t going to nitpick this because it’s often referred to both ways, and either way is logically the same thing.
Re: Re: Re:3 Re:
Nobody needs to break the encryption. They just need to break the password.
Which is easy. Any security system is only as strong as it’s weakest link. And, in the case of computer security, most of the time you (the user) are the weakest link.
Re: Re: Re:4 Re:
Oh, you’d like my passord. Happy to oblige.
Right you are! All you have to do is ask the user, and they give it right up.
Re: Re: Re:5 Re:
You just leaked the fact that you seed with urandom. Now a replay attack could actually arrive at your password in a finite amount of time….
Re: Re: Re:6 Re:
Even worse, I’ll leak the fact that I seed the urandom pool with input from both:
• Hotbits
• Random.org
That’s not too terrible of a leak, insamuch as anyone observing my internet connection can see it. But still…
Re: Re: Re:5 Re:
Oh, you’d like my passord. Happy to oblige.
And where do you store this password? I’m willing to bet you don’t have it memorized.
The nature of passwords is that the harder it is to crack, the harder it is for humans to remember. If the password becomes too difficult to remember, and must be stored, it’s now worthless (because the password to store the complex password will need to be easy enough to remember…which defeats the purpose of the complex password).
Either way, the point is that it’s much easier to crack a password than the encryption it protects. Computers have gotten powerful enough that even standard computers using a graphics card can test an insane amount of passwords per second. A specialized computer, such as EFF’s Deep Crack, would break your hash in under a month.
Passwords are like a door lock. They’ll stop someone from easily breaking in, but even the toughest door or most complex lock is only going to buy you time. A determined attacker is getting in.
Re: Re: Re:3 Re:
AES is an algorithm, not an implementation. Bitlocker is an implementation, and it includes parts that significantly weaken the potential security in ways that are not trivially verifiable.
Most AES implementations used in today’s products are seriously flawed, and do not adhere to the theoretical mean time required to brute force the theoretical model.
Given that governments are looking more and more like the bad guys, it is strong encryption, or out with the pitchforks, and I doubt that he would like where the latter would be applied.
Re: Re:
Just so. Very few – if any – of these public-facing government apologists have come out and said “Gosh, maybe all this encryption talk is because we got caught hoovering up everything in sight.”
And, implying that “bad guys” don’t already use encryption or some other sort of obfuscation leads to two premises: one, the government is only capable of catching profoundly stupid criminals; and two, they really, really don’t want average citizens to become opaque to mass surveillance.
Re: Re: Re:
Actually it is a pseudo-issue: As soon as you start discussing encryption at all, the bad guys not encrypting will already be more likely to encrypt.
The clever thing from a law enforcement perspective with raising this specific debate, is the highlighting of some encryptions not being valuable. Therefore, as soon as they stop talking about encryption as the death of the world, the bad guys will feel uncomfortable. The lack of discussion would be worse than getting hammered in public opinion on this issue…
These are like kids arguing for a puppy.
” “But I’ve worked with these companies and as soon as they get a law enforcement request no matter how liberal or enlightened they think they are, sooner to later they find some crime that is so loathsome they will do anything to find that person and identify them so they can be punished.
“loathsome” crimes? Well…
We’ve been trying, but — as amply documented here at TD and elsewhere — the CIA insists on redacting the names of torturers and their accomplices.
The problem with the NSA – Too much crooked behavior.
novel excuse
Claiming to have failed because the President uses an NSA-secured Blackberry?
But I’ve worked with these companies and as soon as they get a law enforcement request no matter how liberal or enlightened they think they are, sooner to later they find some crime that is so loathsome they will do anything to find that person and identify them so they can be punished.
Sounds just like the usual trolls here, claiming to work for tons of artists who all apparently demand DRM on every disc and a fine for every customer.
Don’t count on either to prove their credentials, of course.
Lies, damned Lies and even more Damned Lies
BlackBerry opened the back door to the encryption for India to steal everything going through them.
This is more likely the reason why they died, the inability to trust the encryption to prevent government snooping.
India’s laws are also why jobs outsourced to India never actually receive the data, only video feeds from terminal servers located outside of India to get around the “We must see all data coming in and going out of our country”.
Re: Lies, damned Lies and even more Damned Lies
As a Blackberry user for my work phone I can confirm that the main reason I want to give it up is because it is rubbish… not because the government can spy on it. I tend to assume they could spy on whatever phone I have anyway.
Sadly I have no control on the choice of phone.
Quite the opposite
I should think that the reason Democrats failed in Congress was far too much undermining of encryption, privacy, and accountability.
In contrast to phones, sadly there is no convincing “sucks less” alternative from the market leaders.
The Nobel Peace Prize winning product announcement from the Democrats last time round has been a thundering disappointment, and now the battery is dead with the contract running for another two years.
It’s not clear who will be producing the successor model, but it’s pretty clear that it will deserve the name watchU.
Re: Quite the opposite
I suspect you’re right. If the Democrats had actually delivered — let’s say, on robust investigation and vigorous prosecution of Wall Street — then they could have easily carried the day. But they didn’t, and as a result, they failed to distinguish themselves from the Republicans. And thus there was simply no motivating reason for Democratic-leaning voters to get out to the polls.
Mid-term elections are (almost) always about turnout and that won’t go in favor of any political party unless their base has a cause (or two or three) to rally behind. The Democratic Party has made the strategic political mistake of trying to be “centrist” when in fact no such political position exists any more in the United States. (I don’t say that because I approve of the situation, I say that because it’s true.) By moving farther and farther right (in an attempt to catch moving and mythical goalposts) they’ve lost far more support than they’ve gained. And now they’re paying for it.
Re: Re: Quite the opposite
A nice thought, but it wouldn’t matter. The districts lines are well planned and the outcome almost certain. It doesn’t matter what obama or anyone really did or didn’t do. When you coral a bunch of ignorant folk, they will do what they are told.
Re: Re: Re: Quite the opposite
Now that the Republicans have control of both Houses, who are you going to blame when the economy goes belly up again, encryption is still considered a terrorist/criminal act, and we’re still ass-deep in surveillance?
Just askin’.
‘Cause you can stop blaming Obama for whatever happens till the next election NOW.
Re: Quite the opposite
Indeed. The decline of Blackberry began when they weakened their security in order to operate in certain repressive regimes. Blackberry was already behind the curve in terms of features and usability at that point, and the primary reason people and companies gave for sticking with them was that it was the most secure option.
When that was no longer true, there was no reason for people to stick with it.
Re: Re: Quite the opposite
Mr. Fenderson,
>>they weakened their security in order to operate in
>>certain repressive regimes.
You really could not have phrased that better!
So, reading between the lines, what he’s actually doing is threatening American companies with corporate murder.
Nice.
A Lawyer acting as if his word is good for anything, that in itself is comedy.
We Demand
We demand all secret passwords for childrens’ tree-house clubs so we may gain entrance to ensure they are not becoming terrorist breeding grounds. We can neither confirm nor deny whether we will respect the “No Girls Allowed” sign.
““Blackberry pioneered the same business model that Google and Apple are doing now – that has not ended well for Blackberry”
The same can be said for Nokia. Was that an encryption problem too?
“They restricted their own ability to sell.”
Yeah, I remember once I got into the market for a smartphone, the Blackberry’s dated UI was a turn-off compared to competitors and in business terms the requirement for BES subscriptions for certain features was something of a turn-off when considering new options. In both cases I rejected them and went with competitors. That trend has continues as friends and colleagues have rejected them in favour of iPhones and Samsungs even if they preferred the physical keyboard, which was one of the Blackberry’s major attractions. WhatsApp and similar cross-platform apps pretty much killed Blackberry as an option for many once they got away from needing it to use BIM. only its cheap price seemed to keep many interested, and even that market’s gone once cheaper Androids became ubiquitous. If only they hadn’t restricted their own ability to sell by not keeping up with the demands of their market.
Oh wait, this is about *encryption*? Oh, whichever scapegoat you prefer, I suppose…
C'mon man, get your propaganda straight
Why is this NSA guy praising the policies of China and Russia, the same nations that get trotted out as deadly freedom-hating enemies brimming with apocalyptic superhackers every other month?
Re: C'mon man, get your propaganda straight
Because we’ve always been at war with Eurasia.
the only ones worried about too much encryption on devices are the security forces! they are supposed to be ensuring our safety in the first place, being unable to read and listen to everything that everyone says and writes stops them from doing that? i very much doubt it!! it may mean those security people have to do a little more work, like they did prior to the internet and mobile devices, but throwing all surveillance eggs into one basket and saying that is stopping them from finding those pesky criminals seems rather OTT!!
Subtle threat isn't subtle
Blackberry pioneered the same business model that Google and Apple are doing now – that has not ended well for Blackberry
Between the lines: “they didn’t comply with us requesting no encryption, so we killed them off. That’s a bad business model, right?”
I thought blackberry stabbed itself with it’s inability to produce a smart phone until it was too late …
Is the guy from NSA now claiming they killed off blackberry to get ride of encryption?
Blackberry had limited its business in countries that demand oversight of communication data, such as India and the UAE and got a bad reception in China and Russia.
So what he is saying is that companies should comply with oppressive regimes that want to monitor all communications because that is a better way of doing business.
Yay for the American way!
Re: Re:
Won’t anybody think of all the money?
Simple question for Stewart Baker and anyone arguing against encryption.
Do any of your phones have encryption enabled?
Work?
Home?
Family members?
I’d love to see some reporters ask that question live.
Re: Simple question for Stewart Baker and anyone arguing against encryption.
His family are all good guys, it’s no problem if their phones are encrypted, it’s only everyone else that needs to leave their front doors unlocked!
Re: Simple question for Stewart Baker and anyone arguing against encryption.
I would like an affordable phone with the same capabilities as the President’s phone. If my phone isn’t encrypted, then neither is his.
If he can keep a secret from me, then I want to be able to keep my secret also.
BB failed because it SUCKED! Sure they are uber secure because of their encryption which is very useful in a corporate/enterprise environment. But the “masses” like APPS, we like FUN, we like USEFUL devices in general. We DON’T want to lug around multiple phones. When you become BORING, you lose business. And BB became just that.
Re: Re:
Exactly why iPhone is good, but Android is better – side loading apps.
Since when does he know what the public wants regarding encryption? Based on that presumption, it appears baker knows what the public wants for everything, not just phones. What else can he tell us about ourselves that we don’t know?
Perhaps he can tell me what car I should buy, since he knows what I what. Let me guess, one thatcontinuously transmits a GPS signal and can be remotely shutdown if there’s reasonable suspicion?
Re: Re:
“Perhaps he can tell me what car I should buy, since he knows what I what. Let me guess, one thatcontinuously transmits a GPS signal and can be remotely shutdown if there’s reasonable suspicion?”
That’s what OnStar thinks you want.
DVD's are encrypted
Can we move to remove the encryption from those so that we, the people, can make legal copies? If not, then, we get to enjoy the exact same law: cannot lawfully decrypt encrypted devices.
Good for the goose….
BB = DoD
Does this guy forget that one of the biggest users of Blackberry devices is the Department of Defense, because of the encryption?
He is a Sophist. The evil kind Socrates warned of, and should be pointed out as such, and then rejected.
Re: Re:
Remember Remember the Fifth of November, The Gunpowder Treason and Plot, I know of no reason why the Gunpowder Treason should ever be forgot.
Re: Re:
You are probably referring to the conclusions in “Euthydemon”. Those are actually pretty bland. The dialog as a whole, however, is hi-la-ri-ous.
Sokrates is not actually warning of an “evil kind” here: he is rather dismissing them as irrelevant.
In what world
Beyond that, Baker insists that, really, the public doesn’t want encryption anyway, and if people only knew what was really going on with the “bad guys,” we’d all be willing to give up our privacy:
In what world do people not care about their privacy Baker is another fear monger
I encrypted my phone just because of people like him clueless
This Encryption Arms Race Needs a Change of Tactics
As was recently reported in PCWorld Microsofts top legal counsel is calling this an encryption arms race.
I suggest we take a page out of the spook agencies’ handbook and be more aware of who is looking at whom.
The technology to do this readily available and in place, but the funding needed may prevent anything like this from happening.
My vision is to create a system by which standardized honeypots are located in the DMZ of routers and the firmware of mobile devices and then report to a community monitored database that shows who is looking at home in real time.
Using projects like Tomato and DD-WRT and Cyanogenmod to develop an open source honeypot project with standard updates to stay on top of the latest attacks and then each device reporting to a centralized public domain database showing aggregate data that highlights the type of attack and the targets of the attack.
As the years go by, it gets harder and harder to see very much difference between the actions of the US and other 1ˢᵗ world countries. They are all doing the same things and what they are not doing that distinguished them from each other is fading into a blurry undefined border that gets ever more difficult to compare those differences. It’s like everyone is going back to a banana republic.
Now add lawyer + NSA and if that isn’t recipe to hear a lie, it only misses politician in the mix. While I read what is reportedly said here from the NSA, in the back of my mind I always hear, “This is the NSA and it lies all the time”. I now filter all incoming input from that group with that in mind. Nearly nothing do I accept coming from them at face value. It always requires supporting evidence from someone else to have a hint of believability to it. Government does not supply supporting evidence because it too is caught in the same trap. Given that it has lied so much, when it comes time to believe because they need you to have faith, it’s not there now. I won’t take their info at face value. They have squandered the inherent trust and the ability to be taken at face value with things like “We’re the good guys”.
Make it yourself encryption.
Even though I work in the IT business, I really haven’t studied this area much, but would it be impossible to think that organized terrorists could make encryption themselves?
Re: Make it yourself encryption.
“would it be impossible to think that organized terrorists could make encryption themselves?”
Not impossible at all, but if they do then they’re fools. It’s actually really, really hard to come up with strong homebrew encryption, and it’s even harder to verify that the encryption you have is any good.
Crypto is a highly specialized field of mathematics. If you aren’t an expert in it, you’re begging for trouble by going the DIY route.
Rephrasing Baker's claims for transparency
Beyond that, Baker insists that, really, the public doesn’t want locks on their doors anyway, and if people only knew what was really going on with the “bad guys,” we’d all be willing to leave our doors open all the time.
People won’t stop using Google and Apple products because of that.
Slippery slope
… they will do anything to find that person and identify them so they can be punished.
I’m surprised no one picked up on this slippery slope of abusing rights. It starts by doing “anything” to stop a bad guy (terrorist, child molester, etc). Then when the police break some rules, like gathering data without a warrant, and get their man, this will set a precedent so they can continue doing it. “Just this once” to stop a “terrorist” never seems to be just once.
“play ball or we will shut you down”
What is this the mob?
Giving into the backdoor demands of those countries eliminated the last of their customers.
This is like something out of a spam message: “…the CEO of Blackberry broke the chain, and his business began to fail….”
I can’t speak for anyone else, but RIM giving in and installing backdoors for governments was what turned me off Blackberry.
And, at least in my memory, the timing of these backdoors corresponded quite closely with RIMs slide out of the marketplace.