FBI Director Chris Wray Says Secure Encryption Backdoors Are Possible; Sen. Ron Wyden Asks Him To Produce Receipts
from the not-so-great-when-you're-on-the-receiving-end-of-a-bludgeoning-interrogation dept
I cannot wait to see FBI Director Christopher Wray try to escape the petard-hoisting Sen. Ron Wyden has planned for him. Wray has spent most of his time as director complaining about device encryption. He continually points at the climbing number of locked phones the FBI can’t crack. This number signifies nothing, not without more data, but it’s illustrative of Wray’s blunt force approach to encryption.
I’m sure Wray views himself as a man carefully picking his way through the encryption minefield. But there’s nothing subtle about his approach. He has called encryption a threat to public safety. His lead phone forensics person has called Apple “evil” for offering it to its users. He has claimed the move to default encryption is motivated by profit. And if that’s not the motivation, then it’s probably just anti-FBI malice. Meanwhile, he claims the FBI has nothing but the purest intentions when it calls for encryption backdoors, even while Wray does everything he can to avoid using that term.
He claims the solution is out there — a perfect, seamless blend of secure encryption and easy law enforcement access. The solution, he claims, is most likely deliberately being withheld by the “smart people.” These tech companies that have made billionaires of their founders are filled with the best nerds, but they’re just not applying themselves. Wray asserts — without evidence — that secure encryption backdoors are not only possible, but probable.
Senator Ron Wyden has had enough. He’s calling out Director Wray on his bullshit. Publicly. His letter [PDF] demands Wray hand over information on his encryption backdoor plans. Specifically, Wyden wants Wray to name names. [via Kate Conger at Gizmodo]
Your stated position parrots the same debunked arguments espoused by your predecessors, all of whom ignored the widespread and vocal consensus of cryptographers. For years, these experts have repeatedly stated that what you are asking for is not, in fact, possible. Building secure software is extremely difficult, and vulnerabilities are often introduced inadvertently in the design process. Eliminating these vulnerabilities is a mammoth task, and experts are unified in their opinion that introducing deliberate vulnerabilities would likely create catastrophic unintended consequences that could debilitate software functionality and security entirely.
I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you’ve personally discussed this topic since our July 2017 meeting and specifically identify those experts who advised you that companies can feasibly design government access features into their products without weakening cybersecurity. Please provide this information by February 23, 2018.
Remember how FBI directors (Wray, Jim Comey) claimed they just wanted to have “an adult conversation” with tech experts and cryptographers? My guess is they’ve never even tried. Wray hasn’t held the post for long, but he’s been beating Comey’s weathered anti-encryption drum as long as he’s held the title. And in all this time, I doubt he has talked to anyone in the tech industry directly about his encryption backdoor theory. Even if he has, he certainly hasn’t found anyone who agrees such a thing can be done without weakening device security. Wray will have no answers for Wyden. We can only hope being publicly embarrassed by Senator Wyden will force him to rethink his position.