No, Strong Crypto Is Not Making The World 'Go Dark' For Intelligence Agencies: Here's Why
from the don't-be-afraid-of-the-dark dept
Last year, Techdirt noted that there was something of a concerted campaign to paint strong encryption as a real threat to intelligence agencies. That's continuing, except that for a number of recent attacks "encryption" has become a generic excuse for intelligence failures. To the extent that there was any real logic behind the attacks on crypto, the main one was that it was making things "go dark" by preventing the authorities from accessing vital information that could have stopped the attack/saved lives/led to arrests etc. if only it had been available. You can see why this phrase is such a favorite: it cleverly reminds us that once things have gone dark, all kinds of scary stuff could start happening, just like in our childhood nightmares. The only problem with this metaphor is that it is exactly wrong, as Phillip Rogaway points out in a recent interview in The Atlantic:
law enforcement has an extraordinary set of tools available to them now. An unprecedented set of capabilities, both for law enforcement and intelligence services. These aren't somehow the dark times for either law enforcement or intelligence. These are the times of extraordinary information. Nowhere in history has it been so easy to learn so much about everybody.
Critics might counter that it's easy to say that, but how are the authorities supposed to gather vital information when strong encryption has been used? An excellent column in The Washington Post by Nicholas Weaver, a computer security researcher at the International Computer Science Institute, provides step-by-step instructions that the intelligence services can follow if they are afraid of the gathering dark:
Let's examine a hypothetical investigation into Johnny Badguy. To plan and execute his crimes, Johnny uses an iPhone with encrypted features -- such as disk encryption that prevents anyone without the pass code from accessing the data and iMessage which encrypts messages in transit -- that have drawn the ire of FBI Director James Comey.
As Weaver points out, the communications metadata is actually much more useful than any encrypted content that has "gone dark":
If the investigator knows everything Johnny does, everyone he talks to and everywhere he goes, how much does it matter that the investigator doesn't know what Johnny says?
And it's not just about metadata: unless switched off, Johnny's iCloud backup will include a copy of all undeleted messages, all his contacts, his email accounts and his photographs. Moreover, Weaver notes, Google provides even more useful info:
Every IP address used to log into the Google account can recreate Johnny's movements -- the same information used by the FBI to unmask former CIA head David Petraeus's affair. If Johnny stays logged into Google through his browser, investigators have access to Johnny's search history and, thanks to how the Google+ button operates, a large number of the pages Johnny has viewed.
On top of that, a warrant to the phone company will provide:
the movements of the phone itself, as every call, text or push notification records at least the cell tower and sector, which says Johnny was in a particular wedge-shaped location occupying a few square miles.
As Weaver concludes:
Taken together, and further combined with other sources (such as the near-ubiquitous license plate readers and toll-tags), investigators have a nearly complete picture of Johnny's behavior, movements and associates without having to ever worry about the effects of cryptography.
As well as confirming that metadata is in general far more revealing than content -- despite what the UK government likes to insist -- Weaver's tale of Johnny Badguy brings out something that is insufficiently appreciated: the fact that today's mobile devices provide an amazing treasure-trove of information about their owner that is without precedent historically. In fact, Weaver's helpful analysis shows that the real threat to the intelligence agencies is not that the bad people might start using strong encryption, but that they might stop using smartphones.