Putin Says All Encryption Must Be Backdoored In Two Weeks

from the make-it-snappy dept

A few weeks ago, we wrote about the push by the Russian Duma to pass a massive new surveillance bill that would mandate backdoors to encryption as well as massive data retention requirements for service providers, including saying that they need to store recordings of phone calls. As you may have heard, earlier this week, Russian President Vladimir Putin signed the bill into law. And apparently to prove that he’s serious about all of this, Putin has also signed an executive order telling the FSB (the modern version of the KGB) to make sure it gets encryption keys to unlock everything within the next two weeks.

After signing controversial anti-terrorist legislation earlier today, President Putin ordered the Federal Security Service (the FSB, the post-Soviet successor to the KGB) to produce encryption keys to decrypt all data on the Internet. According to the executive order, the FSB has two weeks to do it. Responsibility for carrying out Putin’s instructions falls on Alexander Bortnikov, the head of the FSB.

As the article notes, there’s a lot of uncertainty here, because in many cases, when things are encrypted locally or where there are private keys, there isn’t any way for service providers to turn over any keys.

What happens next is a little unclear. But it seems likely that the Russian government will use this to attack certain encrypted communications services, and potentially block and/or fine them for failing to comply with the new law. There has been a lot of talk about how Ed Snowden has been speaking out against this law, as he should. Considering that he uses a number of different encryption systems to communicate with the world, this law puts him very directly in danger. But it also puts lots of other people at risk as well. As we’ve been pointing out for a while, encryption does much more to protect everyday citizens than it does to hide the communications of “terrorists.” Undermining that puts a lot more people at risk of people hacking into their stuff than being a victim of a terrorist attack.

Filed Under: , , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Putin Says All Encryption Must Be Backdoored In Two Weeks”

Subscribe: RSS Leave a comment
Uriel-238 (profile) says:

Let's also see what new forms of Steganographic crypto appear in response.

If plausible deniability encryption starts becoming public and popular in response to this then it means we in the US will be prepared when our government makes the same mistake.

In the meantime, the people of Russia are about to get way more vulnerable to hackers, state-endorsed or otherwise.

Anonymous Coward says:

once a spy, always a spy

Since Putin — a spy by trade — spent years running the world’s second largest spy agency, is it really a surprise that he might tend to view government spying as a good thing?

The NSA or CIA might not be the only ones to plant backdoors in open source encryption. A rather high proportion of the world’s crypographic experts are Russian. The RSA debacle might not be unique.

Anonymous Coward says:

disgraceful and should be condemned but is it so different from what is wanted in the USA, in the UK and many other so-called democratic countries? no! it fucking isn’t! that’s why those who want to do it are removing democracy for good and those who dont want it are condemned as being backers of terrorism! ridiculous!

Yakko Warner (profile) says:

Talk about a no-win scenario

President Putin ordered the Federal Security Service to produce encryption keys to decrypt all data on the Internet. According to the executive order, the FSB has two weeks to do it.

Decrypt all data on the Internet? The whole Internet?

Might as well order them to solve global warming and world peace while he’s at it.

Sargas says:

Join the club.

The new legislation also violates Russian citizens’ right to the privacy of correspondence, which is enshrined in Article 23 of the Constitution. In order to deprive Russians of this right, police need a court order. The “Yarovaya legislation,” however, grants law-enforcement agencies access to everyone’s messages without any judicial oversight. [link]

Seems like Putin and the FSB are one the came page as Obama and the FBI.

any moose cow word says:

Basically, this means they have two weeks to relocate their data and web services outside of Russian territories and a mass exodus of the .ru domain. What’s worse is that could just as well be the fate of the US and the .com domain. We’re just a few months from potentially electing a president that admires authoritarians such as Putin.

any moose cow word says:

Re: Re:

To put this in perspective, the massive exodus of knowledge and talent from Nazi Germany to the US was a huge boost to our economy. Now, imagine that happening again, except this time it’s fleeing the US for Europe or Asia. It’s already happened in part within the physics community after we dropped our super collider project. When the LHC was announced, many of them grabbed passports and left for Europe.

Uriel-238 (profile) says:

Re: Cautionary fiction

It’s a pretty commonplace story type: Miserable citizens of a thoroughly oppressive dystopia get a taste of love and inner meaning and attempt to reconcile this with the society around them. Sometimes they escape the society, sometimes it tears them apart.

These days, young adult fiction is full of the stuff.

Anonymous Coward says:

I almost want to put the “you call will be recorded” message before any outbound calls to Russia now, but it would probably generate too many support tickets.

Interesting how the virtual walls appear the same as physical borders are reinforced. The world is closing itself off from each other, and I have trouble staying optimistic about it :/

BoB says:

Sensationalist bullcrap

I dont understand what the whole fuss is all about. In many countries around the world the policy is that all telcos maintain data for a given amount of time, and metadata also. And its also known that any company that uses enryption for data comunication must provide keys to government if requested, and they do, which is actually what the article says. There have been many cases where VPN providers, for example, gave keys to data and access to logs when request was made by local law enforcement agencies. VPN providers, for example, have the right to refuse foreign agencies. All this is some sensationalist bull – keys to the internet…ROFL!
P.S. in Australia this already been done, wake up, no one caress.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...