Senators Launch Full On Nuclear War Against Encryption: Bill Will Require Broken Encryption, Putting Everyone At Risk

from the stop-pushing-this-bullshit dept

Another day, another bad bill. Just as we’re coming to terms with the EARN IT Act moving forward in Congress, three Senators — Lindsey Graham, Tom Cotton, and Marsha Blackburn — have announced a direct attack on encryption. The full bill is here. It’s 51 pages of insanity that would effectively destroy privacy and security on the internet. This is five-alarm fire bad.

For what it’s worth, Graham is also a co-sponsor of the EARN IT Act, which makes me wonder if he’s going to agree to an amendment of EARN IT that keeps encryption out of it while pushing this bill instead. That’s now the rumor making the rounds, and I even received a press release from an anti-porn activist group supporting this bill because they think it will help clarify that EARN IT won’t end encryption (none of that makes sense to me either, but…)

The announcement of the bill includes all the usual “think of the children” nonsense, claiming that we can’t have encryption because some bad people might use it for bad stuff. The press release summarizes what they claim the bill will do:

Highlights of the Lawful Access to Encrypted Data Act:

  • Enables law enforcement to obtain lawful access to encrypted data.
  • Once a warrant is obtained, the bill would require device manufacturers and service providers to assist law enforcement with accessing encrypted data if assistance would aid in the execution of the warrant.
  • In addition, it allows the Attorney General to issue directives to service providers and device manufacturers to report on their ability to comply with court orders, including timelines for implementation.

  • The Attorney General is prohibited from issuing a directive with specific technical steps for implementing the required capabilities.
  • Anyone issued a directive may appeal in federal court to change or set aside the directive.
  • The Government would be responsible for compensating the recipient of a directive for reasonable costs incurred in complying with the directive.

  • Incentivizes technical innovation.
    • Directs the Attorney General to create a prize competition to award participants who create a lawful access solution in an encrypted environment, while maximizing privacy and security.
  • Promotes technical and lawful access training and provides real-time assistance.
    • Funds a grant program within the Justice Department?s National Domestic Communications Assistance Center (NDCAC) to increase digital evidence training for law enforcement and creates a call center for advice and assistance during investigations.

    In short, this basically says “break encryption, but we won’t tell you how.” We’re right back to “nerd harder” except that this time it’s “nerd harder, or you’re breaking the law.”

    The problems with this should be evident from all the times we’ve discussed this before, so I’m really not interested in going over it all again. But the quick summary: installing a “backdoor” or “lawful access” to encrypted communications is not a simple technical problem. As cryptography expert Matt Blaze once said, it’s like saying “well, if you can land a man on the moon, why can’t you land a man on the sun.” A backdoor to encryption literally breaks the encryption and opens up a huge host of other problems, none of which are readily solvable. Instead, you just find more and more problems, each of which makes everyone less secure.

    The actual text of the bill is even worse than the summary. It’s crazy long so I won’t do a full breakdown here, but will call out a few scary, scary bits. The key part is that this basically requires the end of encryption. While there is some language early on about it not applying if “technically impossible,” there is other language that more or less cancels that out. Specifically, it requires Apple and other large device sellers to backdoor encryption. It is not an option, but a requirement:

    DEVICE MANUFACTURERS.?A device manufacturer that sold more than 1,000,000 consumer electronic devices in the United States in 2016 or any calendar year thereafter, or that has received an assistance capability directive under section 3513, shall ensure that the manufacturer has the ability to provide the assistance described in subsection (b)(2) for any consumer electronic device that the manufacturer?

    ??(A) designs, manufactures, fabricates, or assembles; and ??(B) intends for sale or distribution in the United States.

    So, if you sell more than a million consumer electronic devices in the US, you are required to make sure they have backdoors. That’s… going to be a LOT of backdoors. Every Alexa device. Every smart TV. And, of course, every phone. That’s devices. How about apps and services? More of the same:

    PROVIDERS OF REMOTE COMPUTING SERVICE; OPERATING SYSTEM PROVIDERS.?A provider of remote computing service or operating system provider that provided service to more than 1,000,000 subscribers or users in the United States in 2016 or any calendar year thereafter, or that has received an assistance capability directive under section 3513, shall ensure that the provider has the ability to provide the assistance described in subparagraphs (A) and (B) of subsection (b)(2) for any remotely stored data that the provider processes or stores.

    That’s… a lot of websites that will be barred from using real end-to-end encryption. The “shall ensure” part is what should scare everyone.

    That’s still talking about data stored on those servers though. As for “data in motion” again, services will have to provide backdoors under this bill. The reference to “technically impossible” only seems to apply to “independent actions of an unaffiliated entity that make it technically impossible to do”. So, the only way to avoid having to break encryption on your own services is to… outsource it to an unaffiliated entity who can make it impossible for you to break the encryption?

    As for messaging services: again, the bill “shall ensure” assistance:

    A provider of wire or electronic communication service that had more than 1,000,000 monthly active users in the United States in January 2016 or any month thereafter, or has received an assistance capability directive under section 3513, shall ensure that the provider has the ability to provide the information, facilities, and technical assistance described in section 2518(4).

    And it gets worse. The bill allows the Attorney General to order someone to break encryption:

    If a person fails to comply with a directive issued under subsection (b), the Attorney General may file a petition for an order to compel the person to comply with the directive in the United States District Court for the District of Columbia, which shall have jurisdiction to review the petition.

    There’s also a giant “NERD HARDER” section, which explains Bill Barr’s comments above. Basically it creates a contest, run by the Attorney General, to create a type of backdoored encryption where the Attorney General and his hand-picked judges will determine which technology wins. And by “wins” I mean loses, because that technology will be broken in no time at all, putting everyone at risk.

    This whole thing is so incredibly dangerous, and it’s not even clear that encryption is a real problem for law enforcement. The basic cost-benefit analysis here is that this law would put everyone, and all our communications, at risk of attack, for a possible benefit in a tiny number of cases, where there remains no evidence that a backdoor would have helped stop any crime. I can’t see how the tradeoff is worth it, and any elected official pushing this nonsense should be asked to explain how they weigh these costs and benefits. And if they answer like Bill Barr by saying “smart techies can figure it out” they should have their views discounted for being idiots.

    Meanwhile, the press release leads off with quotes from the three sponsors, all of which are head-bangingly wrong, but designed to do the usual tugging at the emotional strings rather than any actual recognition of what they’re pushing here:

    ?Terrorists and criminals routinely use technology, whether smartphones, apps, or other means, to coordinate and communicate their daily activities. In recent history, we have experienced numerous terrorism cases and serious criminal activity where vital information could not be accessed, even after a court order was issued. Unfortunately, tech companies have refused to honor these court orders and assist law enforcement in their investigations. My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations. Our legislation respects and protects the privacy rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to hide behind technology to cover their tracks,? said Graham.

    There remains little evidence that terrorists have been able to communicate without law enforcement being able to access the info. Remember, the FBI flat out lied about how many devices it had in its possession that it couldn’t get into, and has since refused to give an updated number (despite multiple requests). At the same time, every time the FBI does come out and point to a situation where it can’t get into a phone, a few months later, they seem to admit that, well, actually, there was a technology that let them get in.

    On top of that, we’ve discussed how law enforcement and the FBI have access to so much other information thanks to social media, and various open source intelligence tools, that the idea that they need to attack encryption is just ridiculous.

    And that leaves out something else too: if we put backdoors into encryption, guess what will become a huge target for “terrorists and criminals”? That’s right: all of our communications.

    ?Tech companies? increasing reliance on encryption has turned their platforms into a new, lawless playground of criminal activity. Criminals from child predators to terrorists are taking full advantage. This bill will ensure law enforcement can access encrypted material with a warrant based on probable cause and help put an end to the Wild West of crime on the Internet,? said Cotton.

    This is just a joke. The internet is not “lawless” and there’s no indication of increased criminal activity, nor any evidence that law enforcement cannot solve crimes because of encryption or the internet. This bill won’t ensure anything other than opening up a new avenue for terrorists and criminals to terrorize.

    ?User privacy and public safety can and should work in tandem. What we have learned is that in the absence of a lawful warrant application process, terrorists, drug traffickers and child predators will exploit encrypted communications to run their operations,? said Blackburn.

    Yes, user privacy and public safety do work in tandem. But you know would would ruin that? Breaking encryption and throwing both of those things into the gutter.

    This bill should be trashed and these three Senators (and the Attorney General) deserve mockery for a technically ignorant, totally clueless and dangerous bill that would harm Americans and destroy both privacy and security, because some law enforcement agencies are too lazy to do their jobs. Frankly, the intelligence community should come out screaming about this bill as well, as they know full well how much more dangerous this will make their own work. This is a ridiculous attack on the internet.

    Filed Under: , , , , , , , , , ,

    Rate this comment as insightful
    Rate this comment as funny
    You have rated this comment as insightful
    You have rated this comment as funny
    Flag this comment as abusive/trolling/spam
    You have flagged this comment
    The first word has already been claimed
    The last word has already been claimed
    Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

    Comments on “Senators Launch Full On Nuclear War Against Encryption: Bill Will Require Broken Encryption, Putting Everyone At Risk”

    Subscribe: RSS Leave a comment
    54 Comments
    This comment has been deemed insightful by the community.
    Anonymous Coward says:

    Dear Senate

    You first. Break encryption on every method of communication that is used for official and unofficial use for the House and Senate. After a year of being able to review all of the important things that they are doing and verifying that it works without a problem, then consider rolling it out to the rest of us.

    We have a thing called the constitution and it is there to keep this kind of law from being passed. You would have to amend that for any of these arguments to be at all valid.

    ECA (profile) says:

    Re: Dear Senate

    Lets see..
    I agree, but lets keep asking…PENTAGON..
    Whats the Bitch here? They want it, they can have it..
    All laws are for Everyone? Correct?

    So now you have A fully uncensored, unencoded Internet..
    But only WHO can look at it to find the crooks?

    We now have Open documents on banks, Corps and Our medical data.(most of which seem to have already been hacked, By Whom?)

    Are you going to trace every Bank account? Why for anyone except the corps and rich? But that wont include international banking Will it? And Did you encrypt that Military Channel that has all the Unencrypted data YET?? That some person was arrested for sharing?

    What NEEDS to be encrypted to HELP the internet work?
    GAMES. And corp data?
    Most of the encoding used to make things Compacted has already been broken. Including Bluetooth and Wifi and even Cellphones.

    The amounts of data you are going to see, is soooo huge, it would take 3-5 years to sort, for 1 days data(if everything is included). And Unless you are looking at Specific location and persons… None of it will make sense.

    This isnt
    anti terrorist
    Anti Child porn
    Anti Sex worker

    This is a bunch of Dumb people thinking that its Possible. And have no idea of whats needed. Go ask google about YT. Go ask Amazon how much data is sent back and forth. Then lets ask what would Stop anyone from hacking the WHOLE THING, and Spamming the USA.
    Or..
    Is there another reason. That with all this OPEN data, that we would need a NEW Identification system?
    A new way to Bag and Tag every citizen so we can find Any/all those that are illegal? trespassing on USA soil?
    Anyone want to move to Chine or N. Korea?? at least we know where we stand and no one is lying to us..

    This comment has been deemed insightful by the community.
    Anonymous Coward says:

    The announcement of the bill includes all the usual "think of the children" nonsense, claiming that we can’t have encryption because some bad people might use it for bad stuff.

    Despite some people insisting otherwise, no evidence have been presented that would credibly suggest that children can actually be abused via encryption.

    This comment has been deemed funny by the community.
    Anonymous Coward says:

    Re: Re:

    Despite some people insisting otherwise, no evidence have been presented that would credibly suggest that children can actually be abused via encryption.

    I don’t know about that. Ever since that creep encrypted little Jimmy, we haven’t been able to tell if he has been abused. Now, if there was a backdoor, we could have gotten him back in the house safe and sound.

    aerinai (profile) says:

    So... HTTPS?

    So… data in motion… they also want to break HTTPS? But… how tho… That is a standard that has so many moving pieces that prevent a man-in-the-middle attack… and they want to redesign it to allow a blue-man-in-the-middle-attack?

    Like… my brain is melting trying to figure out how you do it without completely rewriting every security protocol we’ve developed over the last 40 years…

    You have things like sRTP, RDP, database protocols…. there’s so many things that ‘go over the internet’ that you can’t readily hand over to the man in blue… hell, even if you did, it wouldn’t mean that they would understand it or even use it. More than likely be chucked into the bit bucket and never looked at… but at least they now can tell which SQL query that terrorist ran!

    Anonymous Coward says:

    Re: Re:

    I’d say that Earn It has a better chance of passing compared to this Encryption-Killer. Mainly because Earn it has bi-partisan support (how broad the support is will be determined in the future, if at all) and had time garner that support. This Encryption-Killer is just recently introduced and it looks like it’s more apprealing to the Republicans than to Democrats. Because if so, then it could potentially pass the senate, but it could be more challenging to pass through the house.

    Personal Note: I’d give credit with Bluthmetal that at least, it appears that he’s willing to make some significant changes to the Earn It act so it could have less of a devastating impact. This bill is like the Earn It Act, but even less subtle and more transparent about creating a constitutional mess.

    Dr Smith says:

    Re: Re:

    If you have been paying attention to world governments for the past few years, you would know that they have no problem in competing with each other for the coveted "Cognitive Dissonance in Action" trophy – they would (and probably will) pass diametrically opposed legislation bills that both mandate and forbid the same action. Each with heavy fines for failure to accomplish the desired outcomes. This enables them to sue into oblivion those entities who just don’t contribute sufficiently to their campaigns.

    Anonymous Anonymous Coward (profile) says:

    Re: Re: Re:

    From my perspective the competition is for ‘The Most Authoritarian Government’. Where your aptly named "Cognitive Dissonance in Action" will come in is when authoritarianism is the operating standard for all governments worldwide and those in power desire more power then they will surprise, surprise, inevitably start eating other governments. But the real surprise then will be who will become not authoritarian of the year, but who will become authoritarian in the world. There can be only one!

    Anonymous Coward says:

    So let’s visit this Fanasyland where they have a backdoor encryption system that they have forced everyone to use and no one uses something that isn’t broken.
    First problem will be leakage of the magic key that allows access. It will happen, it will be abused.
    Second, you will have two groups going after this magic key, they will be relentless. Of the two groups, you better hope the hackers do it first, at least then you will have some notice about it being popped wide open before it is too late. if the other group gets it first, by the time you find out the criminals have the key, it will be too late.

    Either way this is nothing more than a bad bill presented by people that brag about how little they know.

    myriad (profile) says:

    What will the children say?

    Tech companies routinely aid criminals and terrorists by making it impossible to retrieve what they say when they are not on the phone. If you believe the arguments made in favor of this act, shouldn’t it also require that tech companies stop turning off the microphones on devices—phones, tvs, …—when no call is made?

    I’m a little afraid to say this for fear some senator will try to add it to the bill.

    Kitsune106 says:

    Won't

    That also apply to police and military gear too?
    Also, how would they keep the password from encryption and backdoors secret? we already have tons of breaches and leaks. And how will law enforcement access be regulated? We already had people scamming out law enforcement only data. And won’t bad state actors also go after this? I mean….won’t the evil evil chinese hackers try to pressure? and will they also keep companies who offer thse services afloat? will they be forbidden from employing non US people? as we see with cops, and what they say, only takes one bad apple, or one leaker. If snowden was able to walk away with all that data, and we lost NSA hackign tools, how can they assure that back door access won’t leave?

    Anonymous Coward says:

    It’s like PGP all over again – the US will have crippled encryption and the rest of the world will just get on with it.

    Except… Australia already has a similar, equally dumb law and the UK would be all over this in a heartbeat if they thought they could get away with it
    That would mean 3 of the 5Eyes would have unfettered access to their civilian’s private communication. It’s a slippery slope!

    Burning woodchipper says:

    Why stop with communications?

    Minor edits – why stop with encryption? Let’s require every vehicle manufacturer to give police the ability to immobilize the vehicle – after getting an appropriate court order, of course.

    “Terrorists and criminals routinely use transportation, whether cars, buses, scooters, or other means, to coordinate and carry out their daily activities. In recent history, we have experienced numerous terrorism cases and serious criminal activity where terrorists were able to flee, even after a court order was issued. Unfortunately, transportation companies have refused to honor these court orders to disable movement, and assist law enforcement in their pursuit. My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to immobilize suspects’ vehicles to assist in their capture. Our legislation respects and protects the transportation rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to use transportation to get to, or flee from, their criminal activities,” said Graham.

    Anonymous Coward says:

    Re: Why stop with communications?

    Minor edits – why stop with encryption? Let’s require every vehicle manufacturer to give police the ability to immobilize the vehicle – after getting an appropriate court order, of course.

    Why not? The police already has the ability ban access to oxygen without a warrant. Surely, banning anything else is perfectly reasonable….. in a third world shithole like the US.

    Anonymous Coward says:

    Sounds like a boon for small businesses!

    Looks like it’s time for me to start my own cell phone company, and app company, that limits sales to 999,999 devices per year, and allow no more than 999,999 users.

    Or, big brain time; franchise it! Have 9,999 different Facebook companies in the US, all capable of interconnecting to each other, but each separated by the first four digits of a person’s phone number.

    Tim R (profile) says:

    Aside from the normal clueless tech babble, this is why other countries laugh at us.Do they really think that any Syrian or Iranian jihadist buys his gear at the Apple store in downtown Dubuque? The tone deaf US-centric attitude here is mind blowing. It’s basically lawmakers saying that what we say goes, and devices manufactured outside of the US, which is a considerable footprint to be sure, just don’t count, or even exist.

    What’s even scarier is that those lawmakers have seen the headway that countries like France have made in trying to enforce their laws on the world, and they want in on that action.

    Combine that with a president and his party, whose entire worldview consists of "us vs them", both foreign and domestic, and we’ll be a political island separate from the rest of the world in no time.

    From Silicon Valley v. DC, all the way up to global superpowers, we will never have a society envisioned in overly optimistic science fiction because we’ll never be able to come together as a people and work with each other.

    Steve says:

    Ever Reaching implications

    I do not live in the USA, but i purchases electronic devices that are manufactured by US companies, eg: Apple and Android devices. This new legislation is utter nonsense.The United States government basically says "Nerd Harder" and my security goes down the drain. And I don’t even live in the USA!!!

    Hopefully I’ll be able to send them the bill when the banking app on my cellphone is compromised and my accounts are emptied.

    But you know….it’s all for the greater good after all.

    The Canadian government has made equally dumb decisions, but I do believe this one takes the proverbial cake.

    Anonymous Coward says:

    i’ll bet everything these Senators send/receive will be FULLY ENCRYPTED! the only reason that they want encryption banned is so they can know exactly what every one of us is doing while no one knows what the fuck any of them are doing! when you consider the ratio of how many of us are actually criminal or engaged in criminal activity/trying to hide something compared to how many of them are up to no good, self-preserving, self-serving and actually engaged in ‘trying to hide everything about themselves/what they are up to’, that ratio is actually VERY FRIGHTENING!! and this bullshit about law enforcement not finding perpetrators because of encryption is exactly that, BULLSHIT!!

    Anonymous Coward says:

    Companion Bill

    What we need for this is for someone to introduce a companion bill to this that requires all congressional offices, including bathrooms, to be built with glass that can be seen through by anyone with an oversight position, and a need to see into their office.

    They are welcome to use glass that is opaque to everyone except those who are in said position and have a need to see into the office. The bill can also create a budget to offer prizes for someone who’s able to make such glass!

    Since it doesn’t exist yet, they’ll just have to use clear glass for now, but I’m sure someone will be able to invent impossible glass, because this will create a reason for them to do so!

    Anonymous Coward says:

    This is purely down to DOJ interactions with Apple and other tech companies. Apple cooperated by providing iCloud data, telling them no, the devices cannot be unlocked. They want to bring Apple to heel. They don’t like being told no.

    Tech and Internet security, are, in fundamental ways, now national security. If encryption is properly implemented, we are all very safe in using online services. Everyone is secure, or, if this awful bill passes, no one is.

    It might be fun to ask Barr et al, if they understand that their devices will also have a back door, a teenager in the Ukraine will hack it, read all their messages, and get all their documents. They’ll splutter ‘No! that’s illegal! All our cases will be compromised!’ but they will be just as subject to it as the rest of the country. ‘According to your own law, we can’t protect you from that.’

    I’m smiling at the prospect of Apple remote bricking all ‘noncompliant’ devices for being illegal, including every one used by the DOJ and Congress. The one dark screen everyone sees afterward says ‘Device locked per DOJ and Congress legislative action.’ ooo, fun!

    I’ll be the one to post an old joke: If encryption is made illegal, only crimina…wipwrgvnoqs [l93ru483-02ufnojwdv0-234vmc0-qw3er0ijcn…

    That One Guy (profile) says:

    Re: All encryption is equal, some encryption is more equal

    It might be fun to ask Barr et al, if they understand that their devices will also have a back door, a teenager in the Ukraine will hack it, read all their messages, and get all their documents. They’ll splutter ‘No! that’s illegal! All our cases will be compromised!’ but they will be just as subject to it as the rest of the country. ‘According to your own law, we can’t protect you from that.’

    Oh I guarantee you that the devices they use will have working encryption, it’s only the peons that will be required to use broken encryption because obviously their privacy and security will remain sacrosanct, given how important they are you see.

    ECA (profile) says:

    What would it solve?

    What in hell would this do??
    Give us enough jobs in the WHOLE nation for 1/2 of us to monitor the other 1/2?

    Think about a GAME/program that has to have an OPEN/Un-encoded Chat channel..
    Even if they arent monitoring our Video watching. That is still allot of Txt, and audio to scan for Anything..

    Who here thinks we have the tech and time to scan all the data?? The amount of processing of Audio/video/txt, including every game channel is huge. And part of the reason its not already done.
    The installation installed in Utah, tends to fail allot. And how big of a City and cooling towers do you think you will need?..

    That One Guy (profile) says:

    As long as we're playing with words...

    Since they seem to be so fond of playing with words in an attempt to sprinkle gold dust on a turd, I propose that any mention of encryption be swapped out with security and privacy, as that’s what they are really going after.

    Criminals aren’t being protected by encryption, they are being protected by privacy.

    Criminals aren’t conversations outside the reach of the ‘lawful authorities’ because of encryption, they are doing so thanks to security.

    Then, once that part is made clear, one need only point out that the exact same privacy and security that criminals are using are used by the general public, such that attacking privacy and security used by criminals by necessity attacks the privacy and security of the general public, meaning that far from harming criminals an attack on encryption is instead giving them the biggest gift possible, handing hundreds of millions of people to them on a silver platter.

    And for those that don’t give a damn about the privacy and security of the public(why hello politicians and DOJ/FBI) it should be pointed out that just about every industry involves encryption at some point, so crippling encryption will do massive damage to the economy, whether from companies smartly leaving the country to set up shop in places that actually care about security or from massive crime sprees and the damage from them.

    Zonker says:

    This bill does not go far enough and should include physical locks on doors, containers, and vaults.

    Lock manufacturers and property owners will be required to provide master key access to law enforcement when a warrant is obtained to search a property.

    The Attorney General will create a prize competition for the creation of master keys that only work for law enforcement conducting lawful searches. Obviously master keys can be made for all locks that will never be duplicated, lost, stolen, or reverse engineered. Nerd harder.

    All locks, safes, and vaults made or installed in the US will be subject to this law. All properties must comply including homes, businesses, gun lockers, stores, banks, prisons, armories, etc.

    This way, law enforcement can stop terrorists and criminals without giving up privacy or security. For the children. /s

    (Law does not apply outside of the USA)

    Anonymous Coward says:

    Re: Re:

    Lock manufacturers and property owners will be required to provide master key access to law enforcement when a warrant is obtained to search a property.

    Not needed. A physical object will break with enough force and time applied to it. Not so much for encryption. Of course, you could just find the idiot that deployed it and use a $5.00 wrench on them, but that would require actual police work, and of course the mice tend not to do things when they know they are being actively watched.

    Honestly, I’m surprised that the corruption that the US Government even cares about maintaining face at this point. Everyone who is alive knows there’s no level to which they won’t stoop to get what they want. They should just block all encryption at Room 641A. If they can’t read it, just send in the local goons to bust down doors and break some skulls. It’s what they want, so why not? It’s not like most people expect better of them.

    As a side note, if you are one of those people who expects better of their government: Hi. What’s it like to live in a country that respects it’s citizens? More importantly: Where is it, and what is the name of it?

    Anonymous Coward says:

    One thing police cannot do, under any circustance, even under Earn it, is force you to unlock your encrypted phone. That would violate the 5th amendment

    I have my phone not only encrypted, but also have a mode set on it where if there are 15 failed password attempts, the phone automatically wipes itself and cannot be used again until you enter your Google password

    That is what makes Android superior to iPhone. iPhones do not have that insane security level.

    That One Guy (profile) says:

    Re: Re:

    Yeah, that’s… not quite true.

    Various cases have come down on either side of that question, some claiming(correctly as I see it) that forcing someone to unlock a device is a violation of the fifth amendment in that it forces you to provide potentially incriminating evidence, while others have twisted themselves in knots to claim otherwise.

    Anonymous Coward says:

    If Calexit ever happens, and Calfornia were becomes three countries, one of them being the Republic Of Silicon Valley, services in that country would not have to obey US laws.

    Google, for example, being in the Republic Of Silicon Valley would have only have to obey Siliconian law, the same thing with Apple, YouTube, and other tech firms that wuold be in the new country.

    California woulde likely become three countries, it CalExit happens, california (Capital Sacramento), Jefferson (Capital Redding) and the Republic Of Silicon Valley (Capital San Francisco)

    Tech firms in the Republic Of Silicon Valley would not have to comply with any US laws, even with users in the USA. The United States Government would have no jurisdiction in the Republic Of Silicon Valley.

    Anonymous Coward says:

    One thing this obviously does not to is outlaw private VPNs, that is probably outlaws public ones.

    So you could set your own private server for your own use.

    I do that whenever I take a road trip to Mexico, so that I can listen to my iHeart playlists when I am down there. Just tell my phone to connect to my VPN at home and it will look to iHeart like I am on my own home computer, and iHeart is never the wiser.

    And no, this does not break any USA or Mexico laws.

    That One Guy (profile) says:

    Re: Re:

    Oh that comes next, once you’ve made it illegal for US companies to offer encryption that actually works and the public shifts to foreign encryption as a result then you make it illegal to have working encryption, since clearly only a criminal would care about security and privacy.

    (I wish I was joking or being sarcastic but if someone is that rabidly against security and privacy then allowing people to use encryption simply is not an option, such that unless reigned in it’s only a matter of time until merely using encryption if you’re not rich and/or powerful becomes a crime.)

    Feldie47 (profile) says:

    As someone who has taught mathematics for over half a century I can find no parallel to this and am a loss to find similar foolishness. It seems vaguely analogous to our flailing attempt(s) to control the pandemic, without consulting Mother Nature, as wildly far-fetched as that may be.

    We seek an unbreakable asynchronous method to hide a quantity, but then want to be able, only in the most strident of circumstances, to break that very method? And, of course, it should only be unbreakable by ‘good’ people with ‘good’ intentions?

    Any student of mine who came to me with that objective, challenge, or call it whatever the hell you wish, would not pass my class.

    Perhaps I should retire?

    bobob says:

    The might make encryption more inconvenient and compromise many legitimate uses for it, but they can’t stop it. On the other hand, this "Earn it" shit might be good for creating a cottage industry for people out of work to create apps. With lots of choices shared among groups of people using the same app, it will be a lot harder to find weaknesses in all of them than find a weakness in a more or less universal app. Sure, you’ll be limited to people using the same app, but at least you won’t be trusting facebook or whatever to do it for you.

    Rishzze (user link) says:

    how to tell if a chinese woman likes you

    daughter pledges to help others after parents die from cancer after smoking

    Susan has pledged to leave a gift in her Will to Cancer Research UK after losing both her parents to the diseaseLosing both her parents to cancer before she was 30 has clearly had a huge relation to Susan.

    Growing up at a time when smoking and the links with cancer had not yet been made, She remembers all her family on both her mom and dad sides puffing away without knowing the risks.

    She has since lost many siblings to cancer, which explains why she has pledged to leave a share of her Will to Cancer Research UK.

    barbara, taken from Cambridge, asserted: "I grew up in Liverpool at a time when it seemed the majority of us smoked certainly everyone did on both sides of my family. i never smoked myself, But going from an early age waking up to hear my father coughing to clear the mucus from his lungs.

    "a number of relatives died from one kind of cancer or the other. once the link was not well known between smoking and cancer.

    "In 1974 my mother was generally not feeling very well. I was on vacation in Greece when my mother went to the GP.

    "my parents didn want to worry me while I was away, And so it wasn until I came back that I learned she had been diagnosed with lung cancer.

    "She had been defined in July, And by Christmas or New Year she was back home but unable to get up the stairs, She alleged.

    "Things were varying then; There was a feeling that if we help keep cheerful, We can be my mother for longer. normally said: ‘You know she’s dying’ there was no way we could go over it, Even after she had been administered the last rites. She passed on in June 1975.

    "My mother gave up smoking when she was declared, But my dad did not stop even when she died. Three years later I went on holiday to the same location in Greece and came back to find my father had been hospitalised. It was discovered that he had cancer in his lungs which reached his brain.

    "He hasn’t been told he had cancer, because doctors knew there was nothing they could do. I’m not being critical; This was what actually transpired 40 years ago. my father was diagnosed in July 1978 and died six weeks later,

    Dr Ashley Nicholls is researching drug development for childhood leukemias and why breast cancer recurs in women at the Cancer Research UK Cambridge Institute

    Many studies across the UK, Such as those at the Cambridge institute, benefit from the generosity of people leaving a gift to Cancer Research UK in their Will.

    Dr Ashley Nicholls is a researcher at [url=https://www.bestbrides.net/meet-hot-viet-girl-the-sexiest-influencers-to-follow-in-vietnam/%5Dhot viet girls[/url] cancer Research UK Cambridge Institute, focusing on drug development for childhood leukaemia.

    Here he related to his projects, The impact of COVID 19 and the value of Gifts in Wills for his research.

    "I am currently working on two projects at the institute. The first focuses on why some patients find their breast cancer returns 5 to 10 years after their initial treatment.

    "The other project aims to find a new drug to treat childhood leukaemias. Our focus is to find vulnerabilities in leukaemia cells that are not found in normal healthy cells.

    "eventually, This will enable us to find drugs which target and destroy cancer cells esspecially, But not normal heart-healthy cells.

    "anyhow, the recent COVID 19 pandemic has affected all areas of cancer. The cause problems for labs, Clinical trials and cancer services has been devastating.

    "The temporary closure of Cancer Research UK’s shops and postponement of events by using the pandemic is having huge implications on our fundraising, With a forecast 30% decline in fundraising income this year.

    medical professional Ashley Nicholls, Researcher at cancer Research UK Cambridge Institute

    "Cancer exploration UK’s funding is vital to our team. It enables us to use modern technology to answer the most difficult biological questions.

    "It also provides funding to bring together teams of experts to solve cancer’s most difficult problems to benefit patients internationally. Without funding we wouldn’t be able to do our life saving research.
    [—-]

    Add Your Comment

    Your email address will not be published.

    Have a Techdirt Account? Sign in now. Want one? Register here

    Comment Options:

    Make this the or (get credits or sign in to see balance) what's this?

    What's this?

    Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

    Follow Techdirt

    Techdirt Daily Newsletter

    Techdirt Deals
    Techdirt Insider Discord
    The latest chatter on the Techdirt Insider Discord channel...
    Loading...