The FBI's Desired Encryption Back Doors Could Harm Intelligence Gathering, Military Operations

from the breaking-something-doesn't-just-break-it-for-the-'bad-guys' dept

While FBI director James Comey discusses all the inevitable horrors encrypted phones are poised to wreak on the nation's youth, those in the encryption business are pointing out how encrypted phones make things safer for our nation's military.

Vic Hyder and Mike Janke, two former Navy SEALs with the company Silent Circle, say that the FBI’s plan to block phone makers and service providers from offering phone encryption would make it significantly more difficult for deployed people to communicate back home and even for members of the intelligence community to communicate with sources…
Obviously, Janke and Hyder have a horse in this race. But it's not just their business that may be hurt by new laws aimed at destroying Apple and Google's default encryption.
While they acknowledge that their opposition is borne out of self-interest, they say that blocking encryption would also hurt their customers, which includes a lot of men and women on the front lines. “If Director Comey’s efforts actually resulted in legislative change to halt the sale of encryption or encryption services, he would only be hurting the American people, businesses, government entities who Silent Circle’s encrypted communication services are currently protecting,” Janke told Defense One.
Silent Circle's Blackphone already has customers in the military and its promise of encrypted communications has seen it put into service by other governments around the world. Philip Zimmerman, the creator of PGP (Pretty Good Privacy) and a Silent Circle co-founder, says he had the FBI inquire about pricing last August, well before Apple (and Google, shortly thereafter) somehow turned encryption into the playground of pedophiles, terrorists and other heinous criminals.

Sure, a lot of what Silent Circle's principal members are saying here isn't more than a step or two away from a direct sales pitch, but they do offer some insight that those outside of the New Crypto War don't have (as well as those outside the inner circle of the military). Zimmerman has already weathered one of those, thanks to the release of PGP. Now, they're pointing out what Comey and others haven't considered: that neutering encryption can harm intelligence gathering and operations.
The company says that legislation making encryption unavailable to the public could also hurt intelligence collection. The intelligence community today is a great deal larger and more diverse than it was 50 years ago. Potential sources of information in places like northern Iraq or China may be much less likely to provide actionable intel if they can’t communicate over a secure medium with U.S. agents, contractors, journalists or intermediaries. Getting good sources to talk becomes more difficult if secure communication is the sole right of a small handful of people.
Unfortunately, some of the statements offered in defense of encrypted communications by Silent Circle's founders tend to suggest that its products may remain in the hands of a small group of people. Hyder rattles off a list of governments currently using Silent Circle's products, including Mexico, Brazil, Ukraine, Saudi Arabia, Jordan, Singapore and Germany. (Not all of which are noted for their civil liberty protections and/or lack of domestic surveillance.) The other founders talk about offering pricing to the FBI and military intelligence. To Comey and like-minded individuals, encryption in the hands of government is perfectly fine. It's when it's offered to the general public that it becomes a problem. (Case in point: Washington DC police encrypt their radio communications while the department's chief calls Apple and Google's encryption a tool for "pedophiles and criminals.")

Silent Circle wants to make this for the masses, but if the legislative landscape shifts now that midterm elections are over, it could mean that the government will only allow encrypted communications if it can pick and choose who gets to enjoy this "privilege."

The simple fact is that encryption makes everyone's communications safer. That criminals are (as they always have been) still a subset of the group "everyone" simply isn't reason enough to make the option unavailable to anyone or compromise its security for the convenience of law enforcement.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Spaceman Spiff (profile), 26 Nov 2014 @ 4:01pm

    Who gets it?

    The "government" (or should I say "mis-government"?) wants encrypted phones. They just don't want the rest of us to have them so they can more easily spy on us. IE, what's good for the goose is not good for the gander, and since we know what a goose does to a gander...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 Nov 2014 @ 4:45pm

    Case in point: Washington DC police encrypt their radio communications while the department's chief calls Apple and Google's encryption a tool for "pedophiles and criminals."

    At least he's not deluding himself about their actual job.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 Nov 2014 @ 4:48pm

      Re:

      Best job a pedophile can get; you can get away with absolutely anything and never get punished. Unless one of the girls you rape turns out to have been the daughter of another cop. Then you get fired. (But are still eligible for a police pension.)

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Nov 2014 @ 6:53pm

    Blue Pill= all your hardware & jounalism belong to us.

    It is known (has been reported on TD even) that the baseband processors in cellular based devices are remotely accessible and have root access to the entire device, including system ram where encryption keys are kept.

    Encryption can not, in any way, mitigate this. Nothing a user can do, can mitigate this.
    They already have their back doors- it's part of the intentional design of the system, per CALEA and FCC rules.

    I can only speculate that TD has received an array of NSLs forbidding any further reporting on or acknowledgement of certain facts. Why else would so many articles ignore the baseband issue, when it is crucially relevant to the subject matter? Does no one else notice the 800lbs gorilla in the room?

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 1 Dec 2014 @ 8:21am

      Re: Blue Pill= all your hardware & jounalism belong to us.

      "It is known (has been reported on TD even) that the baseband processors in cellular based devices are remotely accessible and have root access to the entire device, including system ram where encryption keys are kept."

      This is not necessarily true, depending on the particular phone. To the best of my knowledge, only Samsung phones have been shown (so far) to have this problem.

      "Encryption can not, in any way, mitigate this. Nothing a user can do, can mitigate this."

      This is certainly not true. There are ways to mitigate this -- but they aren't necessarily user-friendly. For example, you can replace the broadband blob with one that is known to lack the backdoor.

      "it's part of the intentional design of the system, per CALEA and FCC rules."

      No, CALEA and FCC rules in no way require such backdoor access.

      "I can only speculate that TD has received an array of NSLs forbidding any further reporting on or acknowledgement of certain facts"

      No need to speculate so wildly. I can speculate a much more reasonable hypothesis that you don't see a lot of articles about this because there is very little to be said about it. There is no gorilla here (or, at least, the existence of such a gorilla hasn't been proven.)

      The real issue here is one that is frequently discussed: the use of software blobs that can't be vetted and that you have to trust the carrier's word for what, exactly, they are doing. This is no different than the broader subject of how trustworthy software is.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Caution: Copyright
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.