Senior Police Officer Suggests Companies Allowing People To Use Strong Crypto Are 'Friendly To Terrorists'

from the just-stop-whining dept

Last November, we ran through the list of senior law enforcement officers on both sides of the Atlantic who all came out with suspiciously similar whines about how strong crypto was turning the internet into a “dark and ungoverned” place. Judging by this story in Reuters, others want to join the choir:

Some technology and communication firms are helping militants avoid detection by developing systems that are “friendly to terrorists”, Britain’s top anti-terrorism police officer said on Tuesday.

That remark comes from Assistant Commissioner Mark Rowley, who is the UK’s National Policing Lead for Counter-Terrorism, replacing Cressida Dick. Here’s the problem according to Rowley:

“Some of the acceleration of technology, whether it’s communications or other spheres, can be set up in different ways,” Rowley told a conference in London.

“It can be set up in a way which is friendly to terrorists and helps them … and creates challenges for law enforcement and intelligence agencies. Or it can be set up in a way which doesn’t do that.”

“Set up in a way which is friendly to terrorists and helps them” obviously means using strong crypto; “set up in a way which doesn’t do that” therefore means with compromised crypto. Like his colleagues, Rowley too blames the current mistrust between the intelligence agencies and computer companies on Edward Snowden:

“Snowden has created an environment where some technology companies are less comfortable working with law reinforcement and intelligence agencies and the bad guys are better informed,” Rowley told Reuters after his speech.

Well, no, actually. That “environment” has been created by the NSA and GCHQ working together to break into the main online services, and undermine key aspects of digital technology, with no thought for the collateral damage that ruining internet security might cause for the world. Rowley is also quoted as saying:

“We all love the benefit of the internet and all the rest of it, but we need [technology companies’] support in making sure that they’re doing everything possible to stop their technology being exploited by terrorists. I’m saying that needs to be front and centre of their thinking and for some it is and some it isn’t.”

The technology is not being “exploited” by terrorists, it’s being used by them, just as they use telephones or microwaves or washing machines. That’s what those devices are there for. The idea that trying to make broken internet technologies should be “front and center” of technology companies’ thinking bespeaks a complete contempt for their users.

This constant refrain about how awful strong crypto is, and how we must break it, is simply the intelligence services implicitly admitting that they find the idea of doing their job in a free society, where people are able to keep some messages private, too hard, so they would be really grateful if technology companies could just fall in line and make life easier by destroying privacy for everyone.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Senior Police Officer Suggests Companies Allowing People To Use Strong Crypto Are 'Friendly To Terrorists'”

Subscribe: RSS Leave a comment
69 Comments
Anonymous Coward says:

Re: Re: Re:

No no no. Locksmiths and door makers are going to be rolling in dough in the near future as breaking down people’s doors become the police standard for entering someone’s house, for any reason.

Cryptography on the other hand, is such a concern for them because they haven’t figured out how to break it by kicking it with jackboots.

cypherspace (profile) says:

“We all love the benefit of the internet and all the rest of it, but we need [technology companies’] support in making sure that they’re doing everything possible to stop their technology being exploited by terrorists. I’m saying that needs to be front and centre of their thinking and for some it is and some it isn’t.”

Know what would help? NOT inserting vulnerabilities and going public with any exploits that are uncovered in < 48 hrs. Bruce Schneier said it best:

We have a choice between an Internet that is vulnerable to all attackers, or an Internet that is safe from all attackers. And a safe and secure Internet is in everyone’s best interests, including the US’s

Bergman (profile) says:

Re: Re: Re:

In a democracy (or reasonable facsimile) the People ARE the government.

When a police officer uses threats of violence against someone it is usually to compel them to act in a certain way. A fair amount of the time the way the police want people to act is to stop exercising troubling (to the government) political speech.

Take note of how many peaceful protests are broken up by police in riot gear, who simultaneously claim that showing up to a protest with anything that can be used as a weapon is proof of unlawful intent.

Police often do commit acts of terrorism.

David says:

Re: Re: Re:

Nobody in his right mind travels there voluntarily anyway since all his data will be passed to the U.S. government and its hit teams (possibly leading to him getting bombed by drones), his devices might be searched and/or confiscated and/or destroyed, he might end up in a detainment and torture camp without access to lawyers or due process and so on.

If you can avoid communicating with or visiting a repressive fascist regime where human rights and their own constitution are considered optional, you stay out.

Anonymous Coward says:

Because we can trust that it is only used for fighting terrorism?

As humans we go through a phase when we are very young, where we will have to learn what is bad for us and what is not. We get burned by fire and then we know not to touch something hot. We get our fingers caught in a door we played with, and we know to be careful.
What you are asking us to do is to trust you and put our fingers between a door and frame only to hope that you will not slam it and break all our fingers.
Normally I could be willing to do that, simply because I could not imagine a decent person smashing my fingers.
The problem is that these people have done the equivalent of hand-smashing so many times that we are starting to do the only sane thing there is left; simply keeping our freaking hands away from the door.
Somehow these fools simply doesn’t get why, which is quite extraordinary in a teethgrindingly infuriating way.

Anonymous Coward says:

Rock and a hard place

Vendors are trying to provide what the customers demand, security, or loose them period. The officials seem to think they are owed a “key to the vault” because terrorism. They could care less for the concerns of customers or vendors. The choice is really between security or an internet that devolves into chaos and uselessness. When that happens where will the officials look for their mythical terrorists. It seems that the only terrorists the FBI has found are the ones they have cultivated, instead of doing real work its make work, resulting in bogus arrests. How about those felonious sexting tweens. Just PR bullshit.

Anonymous Coward says:

Part of this quote appears to be missing

“It can be set up in a way which is friendly to terrorists and helps them …
and creates challenges for “
Hackers, crackers, spooks, men in the middle, agents of foreign nations, oh and … “law enforcement and intelligence agencies. Or it can be set up in a way which doesn’t do that.”

Anonymous Coward says:

he is right. it is due to Snowden that the distrust is there. not for the mistrust but because Snowden told us! while the security forces could access everything of everyone, everywhere, they were happy. they didn’t stop any terrorist attacks, including the major ones, but they were achieving what they wanted and what they had set out to achieve, which is why they are pissed now! the intention never has been and never will be catching terrorists or criminals. it is solely to be able to spy on ordinary people so that when someone is not paying the extra $2 tax, that person can be collared (forget all about the billionaires who pay less than an ordinary person on 1,000 times as much). the other thing being, when the people get so pissed offat the government, like they did over SOPA, the security forces can keep up with where the next demonstration is going to be. have you even noticed how your freedom to object, to gather in crowds and to relay your displeasure at what YOUR government is doing is being eroded? that’s because those in government dont want to be kicked out, dont want the ordinary people knowing what naughty things they have been doing, what deals they have made to keep a certain industry in the analogue age rather than the digital age, anything they shouldn’t be doing that screws the people and most of those governments are of the Conservative type! bad news people!

DannyB (profile) says:

Washing Machines

The technology is not being “exploited” by terrorists, it’s being used by them, just as they use telephones or microwaves or washing machines.

Shouldn’t washing machines be required to detect explosive residues in clothing and report it? Shouldn’t the government be able to remotely sniff all soiled laundry when it is loaded into the washing machine? Washing machines that fail to provide this capability are “friendly to terrorists”.

Nigel Todman (user link) says:

Or … They just want to have a private conversation? Maybe they are discussing confidential information or trade secrets. Maybe they are talking about a prototype or a bleeding edge concept that the US Government and its Agents or their friends might be interested in … — What ever they are discussing. It’s none of your damn business. Just because the Government wants to know about it, Doesn’t inherently give it a right to that information because ‘terrorism’

Gonzoid says:

Re: b

Crazy, isn’t it?

I watch the comments on threads like this, over the last year or two – and as time goes on am continually amused at how the reactions from the populace go from ‘well thats odd, but because terrorism eh?’, then morphs to ‘jeez, they must be dumb/typical inefficient govt because they didn’t catch any terrorists’ to finally the realization…

No, its nothing to do w/terrorism. They just want to watch all of us, all the time, for any reason. Because = awake sheep are scary to them.

Wake up…and stay awake dear readers of the World. Its probably going to get a whole lot worse before it gets better. 🙁

Anonymous Coward says:

Hmmm

I wonder if this senior person has the ability to work remotely.
If so, I wonder if he uses some sort of VPN to connect to his workplace.

If he does, how does he feel being part of the problem?
If he doesn’t, then how does he feel about putting national security at risk by allowing all of his communications to travel unencrypted?

People like this have no business commenting on things they don’t understand.

James Burkhardt (profile) says:

Re: Re:

Not sure why you couldn’t reply to my comment so it could clearly be recogognized as such in threaded view. You defined ‘one of those states’ somewhat strangely, giving 2 definitive locations, but not really defining what they share in common. You also failed to define difficult, so Ive looked up the laws.

There appears to be a permit requirement to purchase a gun of any type. You need a purchase for each handgun purchase, and can only purchase 1 handgun every 30 days. Not sure the process and forms, but that sounds like a background check for the lifetime purchaser permit, and the handgun permit regulates the once every 30 days restriction. Seem to be a reasonable, sensible laws. No licence for ownership, so if you get the gun as a gift or inheritance the only hoop you possibly have to jump through is registration if it was a gift. Now you might actually have a problem with the lack of ability to CARRY a gun, but that’s not making it difficult to buy or own it, just the ability to carry in public. I am not going to take a stance on the carry permit, but know that if that is your problem, you aren’t properly expressing it, which could lead to confusion.

Your original comment was confusing for several reasons. You asked if we supported your right to own firearms (which sounds like the beginning of a rhetorical device to poke a hole in logic), but then discard the rhetorical framing and say “because the government makes it difficult”. I could reasonably assume your point was that somehow like guns, encryption should be regulated. But combined with your second argument, it sounds more like your suggesting that we should call for the deregulation of guns as well? Still can’t find your purpose in bringing guns up.

Anonymous Coward says:

Re: Re: Re:

Would you support the government mandating someone buying encryption enabled products to apply and get a background check and permit?

See about buying a gun in Chicago. See about buying a gun in NYC, see about buying a gun in New Jersey. Sure, the law does allow it, but it is up to the local PD to approve you, and in New Jersey, they take their time.

James Burkhardt (profile) says:

Re: Re: Re: Re:

First off, thank you for more directly stating your question. It makes debate on the subject far easier.

As to your question – Apples and oranges. First off, I don’t remember any “fatalities by encryption” in the last year. Secondly, even when a criminal has encryption, The encryption isn’t a tool to commit a crime. Quite the opposite. The closest it comes to being a tool to commit a crime, is in that it can hide digital communication and therefore might hide the discussion of a crime. But aside from sharing classified information and ridiculous ‘Racketeering’ or ‘conspiracy’ charges, communication is not, in itself, a crime in this country. Thirdly, unless you are a large corporation, you rarely buy encryption products. You purchase a product that includes encryption as a feature. I can’t think of a parallel that is legal in the gun world. Any vehicle that comes with a gun mount either has it completely removed or comes without the gun itself when sold to private parties.

The fact is, that (as an example) in the hands of people who are mentally unstable, encryption doesn’t become directly dangerous to the health of others. Guns do. Encryption doesn’t give you a way to act upon raging emotions in the heat of the moment. Guns do.

As for the local PD being slow approving your purchase permits (or background checks), I can see that being a clear and present problem. That probably should be addressed. If its due to a permit backlog, they should really hire some temporary workers while a backlog exists. If its due to officers being slothful in their duties, a response time should be mandated by law with the Local PD being fined for not meeting that response time (perhaps a refund of the filing fee and mandated recovery of any court costs if a lawsuit is filed because it goes beyond 30 days past due?) If its a problem with your filings individually, sounds like a clear case of discrimination, and you could probably get it handled on those grounds.

Frankly, no. A permit and background check system for encryption is not only not supported by me, its unsupportable. It doesn’t help solve the problems law enforcement have with it (permitted encrypted communications are still encrypted communications), it doesn’t serve a public need (as it does with guns), and wide spread public encryption has a number of known, proven benefits (reduction in online theft, improving Anonymous conversation for the discussion of sensitive topics like government overreach esp in regions subject to government retaliation, ect).

As I said, its an apples to oranges comparison.

James Burkhardt (profile) says:

Re: Re: Re:3 Re:

I said why. Because not of what you have done, but because of the potential of the tool. I just expressed the significant differences in how encryption could be used as a tool for crime compared to a gun. Moreover, all criminals were at one point law abiding citizens. The distinction is that, until using encryption is a crime or communications are a crime, the law abiding citizen who gets his hands on encryption does not substantially modify his ability to commit a crime. A gun does. And, the sloth of your LPD notwithstanding, we do not prevent a sane, law abiding citizen from getting a gun. We merely make sure the hands we put a gun in are in fact those of a sane, law abiding hands (without a background check, there is no way to know you are a sane, law abiding citizen).

Again, lets use the mental illness example. In one case, the Mentally ill person gets ahold of encryption and wants to kill someone. The worst they can do is hide his communications with a contract killer. The encryption might have helped, but it isn’t doing the killing, nor is it facilitating a crime that otherwise could not have happened as the communication could have happened over other untracable communication lines, such as in-person or via snail mail. In all situations with encryption, the mentall ill can not take direct, immediate action. Contrast with a mentally ill person getting a gun. In a reasonable scenario, they kill the person they want to kill. Potentially some bystanders. maybe its the bystanders that they want to kill. In any case, the gun allows them to take direct immediate action upon their whims. A background check can help prevent people with no criminal record (law abiding citizen) with known mental health problems (I know a guy with paranoid schizophrenia, hes great 95% of the time on his meds, but the other 5%?) don’t get a hold of weapons that allow him to act on impulses coming from a damaged psyche.

Cars are deadly in the wrong hands. So we regulate the shit out of them. Licences, regestration, mandatory insurance, tests both written and practical. Encryption is not deadly, its not a weapon, and we don’t need to track who has it.

You have a very flawed premise. Police don’t like locked doors because criminals use them. Should we require a permit for a door lock? Police don’t like cheap pay as you go phones because criminals use these ‘burners’. Should we require a permit for them? Guns are not controlled because law enforcement doesn’t like that criminals might use them. They are controlled because evidence has shown that sensible gun control laws save lives.

To debate with me, you really need to address why this comparison is, despite my claims, not actually an apples to oranges comparison. You made the claim that they are the same with your only evidence being that law enforcement dislikes both for the same reason. I responded by giving you clear reasons why they should not be treated the same by law. Your response was to again make the claim that they are the same because law enforcement dislikes both. So I again have demonstrated a line of reasoning that expresses the fact that they are different and should be treated differently. Now I am going to ask something of you. Prove your point. You made the claim that guns are the apple to encryption’s apple. You claim they are the same. I can show that gun control solves both a law enforcement problem (registration helps track guns used in crimes) and a public interest problem (reducing crime by keeping guns out of the hands of criminals and the mentally ill). Can you bring up any evidence of how a permit system for encryption would solve either a law enforcement problem (They don’t want it at all), or a public interest one?

Karl (profile) says:

Front and center

The idea that trying to make broken internet technologies should be “front and center” of technology companies’ thinking bespeaks a complete contempt for their users.

It bespeaks a complete contempt for more than that. In fact, it goes against the very idea of free speech and an open society.

Imagine, for example, if he had claimed that stopping “terrorists” from exploiting the news should be “front and center” of the New York Times editorial staff. I think even he would see that this would lead to blatant censorship.

Special Branch SIS MI5 GCHQ Raytheon (user link) says:

There are terrorists in the government too

These senior police officers just need to shut the f**k up. If we want to use strong crypto we should be allowed to. We all know who the real terrorists are. It’s the Bankster controlled intelligence agencies, military and defence contractors. False flag operations… look it up, they do it all the time.

Even the police are running their little secret terrorist program called organized stalking, a covert psychological harassment program.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...