President Obama Is Wrong On Encryption; Claims The Realist View Is 'Absolutist'

from the get-real dept

Support our crowdfunding campaign to help us keep covering stories like this!

This is not all that surprising, but President Obama, during his SXSW keynote interview, appears to have joined the crew of politicians making misleading statements pretending to be "balanced" on the question of encryption. The interview (the link above should start at the very beginning) talks about a variety of issues related to tech and government, but eventually the President zeroes in on the encryption issue. The embed below should start at that point (if not, it's at the 1 hour, 16 minute mark in the video). Unfortunately, the interviewer, Evan Smith of the Texas Tribune, falsely frames the issue as one of "security v. privacy" rather than what it actually is -- which is "security v. security."
In case you can't watch that, the President says he won't comment directly on the Apple legal fights, but then launches into the standard politician talking point of "yes, we want strong encryption, but bad people will use it so we need to figure out some way to break in."

If you watch that, the President is basically doing the same thing as all the Presidential candidates, stating that there's some sort of equivalency on both sides of the debate and that we need to find some sort of "balanced" solution short of strong encryption that will somehow let in law enforcement in some cases.

This is wrong. This is ignorant.

To his at least marginal credit, the President (unlike basically all of the Presidential candidates) did seem to acknowledge the arguments of the crypto community, but then tells them all that they're wrong. In some ways, this may be slightly better than those who don't even understand the actual issues at all, but it's still problematic.

Let's go through this line by line.
All of us value our privacy. And this is a society that is built on a Constitution and a Bill of Rights and a healthy skepticism about overreaching government power. Before smartphones were invented, and to this day, if there is probable cause to think that you have abducted a child, or that you are engaging in a terrorist plot, or you are guilty of some serious crime, law enforcement can appear at your doorstep and say 'we have a warrant to search your home' and they can go into your bedroom to rifle through your underwear to see if there's any evidence of wrongdoing.
Again, this is overstating the past and understating today's reality. Yes, you could always get a warrant to go "rifle through" someone's underwear, if you could present probable cause that such a search was reasonable to a judge. But that does not mean that the invention of smartphones really changed things so dramatically as President Obama presents here. For one, there has always been information that was inaccessible -- such as information that came from an in-person conversation or information in our brains or information that has been destroyed.

In fact, as lots of people have noted, today law enforcement has much more recorded evidence that it can obtain, totally unrelated to the encryption issue. This includes things like location information or information on people you called. That information used to not be available at all. So it's hellishly misleading to pretend that we've entered some new world of darkness for law enforcement when the reality is that the world is much, much brighter.
And we agree on that. Because we recognize that just like all our other rights, freedom of speech, freedom of religion, etc. there are going to be some constraints that we impose in order to make sure that we are safe, secure and living in a civilized society. Now technology is evolving so rapidly that new questions are being asked. And I am of the view that there are very real reasons why we want to make sure that government cannot just willy nilly get into everyone's iPhones, or smartphones, that are full of very personal information and very personal data. And, let's face it, the whole Snowden disclosure episode elevated people's suspicions of this.

[...]

That was a real issue. I will say, by the way, that -- and I don't want to go to far afield -- but the Snowden issue, vastly overstated the dangers to US citizens in terms of spying. Because the fact of the matter is that actually that our intelligence agencies are pretty scrupulous about US persons -- people on US soil. What those disclosures did identify were excesses overseas with respect to people who are not in this country. A lot of those have been fixed. Don't take my word for it -- there was a panel that was constituted that just graded all the reforms that we set up to avoid those charges. But I understand that that raised suspicions.
Again, at least some marginal kudos for admitting that this latest round was brought on by "excesses" (though we'd argue that it was actually unconstitutional, rather than mere overreach). And nice of him to admit that Snowden actually did reveal such "excesses." Of course, that raises a separate question: Why is Obama still trying to prosecute Snowden when he's just admitted that what Snowden did was clearly whistleblowing, in revealing questionable spying?

Also, the President is simply wrong that it was just about issues involving non-US persons. The major reform that has taken place wasn't about US persons at all, but rather about Section 215 of the PATRIOT Act, which was used almost entirely on US persons to collect all their phone records. So it's unclear why the President is pretending otherwise. The stuff outside of the US is governed by Executive Order 12333, and there's been completely no evidence that the President has changed that at all. I do agree, to some extent, that many do believe in an exaggerated view of NSA surveillance, and that's distracting. But the underlying issues about legality and constitutionality -- and the possibilities for abuse -- absolutely remain.

But none of that actually has to do with the encryption fight, beyond the recognition -- accurately -- that the government's actions, revealed by Snowden, caused many to take these issues more seriously. And, on that note, it would have been at least a little more accurate for the President to recognize that it wasn't Snowden who brought this on the government, but the government itself by doing what it was doing.
So we're concerned about privacy. We don't want government to be looking through everybody's phones willy-nilly, without any kind of oversight or probable cause or a clear sense that it's targeted who might be a wrongdoer.

What makes it even more complicated is that we also want really strong encryption. Because part of us preventing terrorism or preventing people from disrupting the financial system or our air traffic control system or a whole other set of systems that are increasingly digitalized is that hackers, state or non-state, can just get in there and mess them up.

So we've got two values. Both of which are important.... And the question we now have to ask is, if technologically it is possible to make an impenetrable device or system where the encryption is so strong that there's no key. There's no door at all. Then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot? What mechanisms do we have available to even do simple things like tax enforcement? Because if, in fact, you can't crack that at all, government can't get in, then everybody's walking around with a Swiss bank account in their pocket. So there has to be some concession to the need to be able get into that information somehow.
The answer to those questions in that final paragraph are through good old fashioned detective work. In a time before smartphones, detectives were still able to catch child pornographers or disrupt terrorist plots. And, in some cases, the government failed to stop either of those things. But it wasn't because strong enforcement stymied them, but because there are always going to be some plots that people are able to get away with. We shouldn't undermine our entire security setup just because there are some bad people out there. In fact, that makes us less safe.

Also: tax enforcement? Tax enforcement? Are we really getting to the point that the government wants to argue that we need to break strong encryption to better enforce taxes? Really? Again, there are lots of ways to go after tax evasion. And, yes, there are lots of ways that people and companies try to hide money from the IRS. And sometimes they get away with it. To suddenly say that we should weaken encryption because the IRS isn't good enough at its job just seems... crazy.
Now, what folks who are on the encryption side will argue, is that any key, whatsoever, even if it starts off as just being directed at one device, could end up being used on every device. That's just the nature of these systems. That is a technical question. I am not a software engineer. It is, I think, technically true, but I think it can be overstated.
This is the part that's most maddening of all. He almost gets the point right. He almost understands. The crypto community has been screaming from the hills for ages that introducing any kind of third party access to encryption weakens it for all, introducing vulnerabilities that ensure that those with malicious intent will get in much sooner than they would otherwise. The President is mixing up that argument with one of the other arguments in the Apple/FBI case, about whether it's about "one phone" or "all the phones."

But even assuming this slight mixup is a mistake, and that he does recognize the basics of the arguments from the tech community, to have him then say that this "can be overstated" is crazy. A bunch of cryptography experts -- including some who used to work for Obama -- laid out in a detailed paper the risks of undermining encryption. To brush that aside as some sort of rhetorical hyperbole -- to brush aside the realities of cryptography and math -- is just crazy.

Encryption expert Matt Blaze (whose research basically helped win Crypto War 1.0) responded to this argument by noting that the "nerd harder, nerds" argument fundamentally misunderstands the issue:
If you can't read that, Blaze is basically saying that all crypto includes backdoors -- they're known as vulnerabilities. And the key focus in crypto is closing those backdoors, because leaving them open is disastrous. And yet the government is now demanding that tech folks purposely put in more backdoors and not close them, without recognizing the simple fact that vulnerabilities in crypto always lead to disastrous results.
So the question now becomes that, we as a society, setting aside the specific case between the FBI and Apple, setting aside the commercial interests, the concerns about what could the Chinese government do with this, even if we trust the US government. Setting aside all those questions, we're going to have to make some decisions about how do we balance these respective risks. And I've got a bunch of smart people, sitting there, talking about it, thinking about it. We have engaged the tech community, aggressively, to help solve this problem. My conclusions so far is that you cannot take an absolutist view on this. So if your argument is "strong encryption no matter what, and we can and should in fact create black boxes," that, I think, does not strike the kind of balance that we have lived with for 200, 300 years. And it's fetishizing our phones above every other value. And that can't be the right answer.
This is not an absolutist view. It is not an absolutist view to say that anything you do to weaken the security of phones creates disastrous consequences for overall security, far beyond the privacy of individuals holding those phones. And, as Julian Sanchez rightly notes, it's ridiculous that it's the status quo on the previous compromise that is now being framed as an "absolutist" position:


Also, the idea that this is about "fetishizing our phones" is ridiculous. No one is even remotely suggesting that. No one is even suggesting -- as Obama hints -- that this is about making phones "above and beyond" what other situations are. It's entirely about the nature of computer security and how it works. It's about the risks to our security in creating deliberate vulnerabilities in our technologies. To frame that as "fetishizing our phones" is insulting.

There's a reason why the NSA didn't want President Obama to carry a Blackberry when he first became President. And there's a reason the President wanted a secure Blackberry. And it's not because of fetishism in any way, shape or form. It's because securing data on phones is freaking hard and it's a constant battle. And anything that weakens the security puts people in harm's way.
I suspect that the answer is going to come down to how do we create a system where the encryption is as strong as possible. The key is as secure as possible. It is accessible by the smallest number of people possible for a subset of issues that we agree are important. How we design that is not something that I have the expertise to do. I am way on the civil liberties side of this thing. Bill McCraven will tell you that I anguish a lot over the decisions we make over how to keep this country safe. And I am not interested in overthrowing the values that have made us an exceptional and great nation, simply for expediency. But the dangers are real. Maintaining law and order and a civilized society is important. Protecting our kids is important.
You suspect wrong. Because while your position sounds reasonable and "balanced" (and I've seen some in the press describe President Obama's position here as "realist"), it's actually dangerous. This is the problem. The President is discussing this like it's a political issue rather than a technological/math issue. People aren't angry about this because they're "extremists" or "absolutists" or people who "don't want to compromise." They're screaming about this because "the compromise" solution is dangerous. If there really were a way to have strong encryption with a secure key where only a small number of people could get in on key issues, then that would be great.

But the key point that all of the experts keep stressing is: that's not reality. So, no the President's not being a "realist." He's being the opposite.
So I would just caution against taking an absolutist perspective on this. Because we make compromises all the time. I haven't flown commercial in a while, but my understanding is that it's not great fun going through security. But we make the concession because -- it's a big intrusion on our privacy -- but we recognize that it is important. We have stops for drunk drivers. It's an intrusion. But we think it's the right thing to do. And this notion that somehow our data is different and can be walled off from those other trade-offs we make, I believe is incorrect.
Again, this is not about "making compromises" or some sort of political perspective. And the people arguing for strong encryption aren't being "absolutist" about it because they're unwilling to compromise. They're saying that the "compromise" solution means undermining the very basis of how we do security and putting everyone at much greater risk. That's ethically horrific.

And, also, no one is saying that "data is different." There has always been information that is "walled off." What people are saying is that one consequence of strong encryption is that it has to mean that law enforcement is kept out of that information too. That does not mean they can't solve crimes in other ways. It does not mean that they don't get access to lots and lots of other information. It just means that this kind of content is harder to access, because we need it to be harder to access to protect everyone.

It's not security v. privacy. It's security v. security, where the security the FBI is fighting for is to stop the 1 in a billion attack and the security everyone else wants is to prevent much more likely and potentially much more devastating attacks. Meanwhile, of all the things for the President to cite as an analogy, TSA security theater may be the worst. Very few people think it's okay, especially since it's been shown to be a joke. Setting that up as the precedent for breaking strong encryption is... crazy. And, on top of that, using the combination of TSA security and DUI checkpoints as evidence for why we should break strong encryption with backdoors again fails to recognize the issue at hand. Neither of those undermine an entire security setup.
We do have to make sure, given the power of the internet and how much our lives are digitalized, that it is narrow and that it is constrained and that there's oversight. And I'm confident this is something that we can solve, but we're going to need the tech community, software designers, people who care deeply about this stuff, to help us solve it. Because what will happen is, if everybody goes to their respective corners, and the tech community says "you know what, either we have strong perfect encryption, or else it's Big Brother and Orwellian world," what you'll find is that after something really bad happens, the politics of this will swing and it will become sloppy and rushed and it will go through Congress in ways that have not been thought through. And then you really will have dangers to our civil liberties, because the people who understand this best, and who care most about privacy and civil liberties have disengaged, or have taken a position that is not sustainable for the general public as a whole over time.
I have a lot of trouble with the President's line about everyone going to "their respective corners," as it suggests a ridiculous sort of tribalism in which the natural state is the tech industry against the government and even suggests that the tech industry doesn't care about stopping terrorism or child pornographers. That, of course, is ridiculous. It's got nothing to do with "our team." It has to do with the simple realities of encryption and the fact that what the President is suggesting is dangerous.

Furthermore, it's not necessarily the "Orwellian/big brother" issue that people are afraid of. That's a red herring from the "privacy v. security" mindset. People are afraid of this making everyone a lot less safe. No doubt, the President is right that if there's "something really bad" happening then the politics moves in one way -- but it's pretty ridiculous for him to be saying that, seeing as the latest skirmish in this battle is being fought by his very own Justice Department, he's the one who jumped on the San Bernardino attacks as an excuse to push this line of argument.

If the President is truly worried about stupid knee-jerk reactions following "something bad" happening, rather than trying to talk about "balance" and "compromise," he could and should be doing more to fairly educate the American public, and to make public statements about this issue and how important strong encryption is. Enough of this bogus "strong encryption is important, but... the children" crap. The children need strong encryption. The victims of crimes need encryption. The victims of terrorists need encryption. Undermining all that because just a tiny bit of information is inaccessible to law enforcement is crazy. It's giving up the entire ballgame to those with malicious intent, just so that we can have a bit more information in a few narrow cases.

President Obama keeps mentioning trade-offs, but it appears that he refuses to actually understand the trade-offs at issue here. Giving up on strong encryption is not about finding a happy middle compromise. Giving up on strong encryption is putting everyone at serious risk.

Support our crowdfunding campaign to help us keep covering stories like this!


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • This comment has been flagged by the community. Click here to show it
    icon
    Whatever (profile), 11 Mar 2016 @ 8:07pm

    It's amazing - everyone who doesn't agree with a singular point of view is wrong, period and end of discussion. Even though plenty of people disagree, it appears they are all idiots.

    Too bad you aren't as critical of Apple's overhyped claims.

    reply to this | link to this | view in chronology ]

    • icon
      TechDescartes (profile), 11 Mar 2016 @ 9:28pm

      Re:Run

      Whatever.

      reply to this | link to this | view in chronology ]

    • icon
      orbitalinsertion (profile), 11 Mar 2016 @ 10:13pm

      Re:

      Ah, That facts = "point of view" thing again. "Both sides" rhetoric.

      Always good to see the false equivalences followed up by the severely beaten stawman techdirt writer you drag around.

      reply to this | link to this | view in chronology ]

    • icon
      techflaws (profile), 11 Mar 2016 @ 10:23pm

      Re:

      Even though plenty of people disagree
      Based on what arguments? The one where they twist the facts?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 11 Mar 2016 @ 10:42pm

      Re:

      It's amazing - everyone who doesn't agree with a singular point of view is wrong, period and end of discussion.

      It's amazing - you totally missed that this whole article is not "period, end of discussion" but a detailed exploration of why the President is wrong, including multiple citations to experts. That's called proving the point. The article is clearly not "I'm right, you're wrong" but "here's what Obama said, and here's a detailed explanation of why it's wrong."

      Even though plenty of people disagree, it appears they are all idiots.

      I don't see anyone being called "idiots" at all. I see them, rightly, being called out for not understanding the technological issues.

      Too bad you aren't as critical of Apple's overhyped claims.


      Do you read Techdirt? The site is pretty frequently anti-Apple. It is often quite critical of Apple's claims on a variety of things from patents to the way it runs its app store.

      It must be convenient when you can just make up stuff with no basis in reality.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 5:00am

      Re:

      Well, yes, people who are wrong...are wrong. It's not a "point of view" if I say that today is Tuesday. This is not groundbreaking.

      reply to this | link to this | view in chronology ]

    • icon
      JMT (profile), 12 Mar 2016 @ 5:15am

      Re:

      "Too bad you aren't as critical of Apple's overhyped claims."

      Not a single Apple claim was made in the article. Instead there were quotes from actual crypto and security experts. When are you going to get over your Apple issues and start trying to argue against their claims?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 8:36am

      Re:

      everyone who doesn't agree with a singular point of view is wrong, period and end of discussion

      I think you may have missed the 39 paragraphs that came after "wrong." in this article.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 8:39am

      Re:

      I like how your side complains that Techdirt never listens to what experts have to say - but the moment experts do say, you whine that they're not agreeing with you.

      It's like you want the whole system rigged in your favor. Oh, wait...

      reply to this | link to this | view in chronology ]

      • icon
        Whatever (profile), 12 Mar 2016 @ 9:31am

        Re: Re:

        "I like how your side complains that Techdirt never listens to what experts have to say - but the moment experts do say, you whine that they're not agreeing with you."

        I take "experts" with a grain of salt. Every turn in history there seems to be a bunch of experts saying you can't do this, or you won't do that... and in the end, they are proven to be either wrong or irrelevant.

        Remember, 640k ram is enough for anyone, man will never visit the moon, and computers will never be small enough to hold in your hand. All things said by "experts" who have been proven oh so very wrong.

        I also think it's incredibly easy to take pot shots at the President on this one. He's not a tech guru, he's not an encryption expert, and he's not a cell phone builder. He is however a politician who feels the pressure from LEOs and DoJ, understands in general terms their desires, and also understands (to some extent) the public's desires as well. What he put forward isn't a grand technical guide, it's a politicians view of the need to find something that possibly works for both sides.

        The other choice, you understand, are solutions nobody would like, such as limited encryption, forcing a bad back door, or otherwise making encryption less usable and less functional.

        The President isn't a stupid man. He's trying to start a discussion, where as both sides for the moment are using massive bullhorns to try to shout each other down.

        Marking the President as "wrong" is just another shout through a big bullhorn.

        reply to this | link to this | view in chronology ]

        • icon
          frank87 (profile), 12 Mar 2016 @ 9:59am

          Re: Re: Re:

          You know there are many more examples of experts being right, dont you? But most of them you see on youtube and don't get much attention (try searching for 'pepertuum mobile').
          Of course it's a politician, it's difficult for him to understand there is no compromise.

          reply to this | link to this | view in chronology ]

        • identicon
          Troll Dictionary, 12 Mar 2016 @ 12:00pm

          Re: Re: Re:

          grain of salt n.
          "snide, overconfident sense of superiority"

          remember v.
          1. "draw spurious conclusions from"
          2. "ignore context of"

          pot shots n.
          "thorough arguments I don't like"

          other choice n.
          "false dichotomy"

          big bullhorn n.
          "medium-sized blog"

          reply to this | link to this | view in chronology ]

          • icon
            Whatever (profile), 12 Mar 2016 @ 7:06pm

            Re: Re: Re: Re:

            "big bullhorn n.
            "medium-sized blog""

            Hint: When you get well more than 10 million page views a month, you ain't medium size... Mike posted the figures the other day, there isn't anything medium about Techdirt's audience reach.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 14 Mar 2016 @ 12:33am

              Re: Re: Re: Re: Re:

              Apparently Mike Masnick is a lunatic that no one reads, listens to or takes seriously... until it suits the troll narrative that Techdirt suddenly has a readership up the wazoo and is suddenly noticeable?

              reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Mar 2016 @ 11:05am

          Re: Re: Re:

          "the other choice, you understand, are solutions nobody would like, such as limited encryption, forcing a bad back door, or otherwise making encryption less usable and less functional. "
          except those of us in other countries will have those things... so this really is only about spying on Americans

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Mar 2016 @ 11:19am

          Re: Re: Re:

          Ah yes, "start a discussion," that classic argument from people who don't have one.

          reply to this | link to this | view in chronology ]

  • identicon
    Matt Hicks, 11 Mar 2016 @ 8:48pm

    Is Obama running for office again? /s

    reply to this | link to this | view in chronology ]

    • identicon
      David, 12 Mar 2016 @ 2:07am

      Re:

      Yes, just female instead of black.

      Otherwise, it's pretty much the same: the first time you get any dependable statement from either is after the cheques clear.

      The current game of the Democrats (assuming that Hillary trumps Bernie and it looks like that) is to disappoint any hopes they may have raised, once they are elected. The Republicans decided to start with hopeless candidates in the first place this time.

      Apparently if you want to rise to the top, you better yank out your brain for better flotation and refill the void with readily available dollar bills after election.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 2:14pm

      Re:

      No, but Dick Cheney in drag is looking to take his place.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 11 Mar 2016 @ 9:45pm

    "a healthy skepticism about overreaching government power"

    I mean its not like you have secret courts, secret rulings, secret orders that you hide from the citizens they are used against....

    "but the Snowden issue, vastly overstated the dangers to US citizens in terms of spying."

    Really? So there weren't workers pulling up info on lovers & ex-lovers and very little oversight to catch that happening? You aren't running games to hide how the actual evidence was gathered to protect the secret project not allowing the accused to challenge the secret machinery that no one, who isn't 100% committed to the program, gets to make sure is accurate & isn't just more tiger repelling stone bullshit we pay billions for?

    "And it's fetishizing our phones above every other value"

    Much like your administration has fetishized being opaque & hiding the fetish of gathering and hoarding all of the data while ignoring you can't find shit in the huge piles you collect to such a degree that the FBI has to groom, convert, fund, & plan terrorist "attacks" so you have headlines to trot out?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Mar 2016 @ 9:58pm

    President Obama just declared war on high tech

    He's done the digital equivalent of gearing up to invade Austria.

    reply to this | link to this | view in chronology ]

  • icon
    orbitalinsertion (profile), 11 Mar 2016 @ 10:15pm

    So... encryption keeps people from going through my underwear? Technology is amazing. We truly do live in the future.

    reply to this | link to this | view in chronology ]

  • icon
    Adrian Cochrane (profile), 11 Mar 2016 @ 10:27pm

    Hmmm, we all have "swiss bank accounts" in our pockets now. By that line we used to have those swiss accounts in our heads, but law enforcement (as this article rightly points out) has always been able to cope with that.

    This is nothing new with this.

    Besides it is ridiculous for him to call himself a "realist" when he denies reality is "absolutist".

    reply to this | link to this | view in chronology ]

    • identicon
      David, 12 Mar 2016 @ 3:07am

      Re:

      By that line we used to have those swiss accounts in our heads, but law enforcement (as this article rightly points out) has always been able to cope with that.

      Well, so-so. But that's what the return of torture is good for. The current administration has put every known government-employed torturer and murderer (also known as heroes and patriots) out of the reach of justice. And Trump has actually stated that as president he is going to actively order torture and expects FBI et al to obey. And he's running strong in the polls. Even if he does not make it, Americans are far too fond of such medieval antics to be counted among civilized countries.

      So if citizens and other humans are no longer secure in their person and health and sanity from law enforcement (because the masses rejoice in having that part of the Constitution dismantled), denying them to be secure in their assets (like a phone) is just a second-grade offense.

      reply to this | link to this | view in chronology ]

  • icon
    Adrian Cochrane (profile), 11 Mar 2016 @ 10:30pm

    RE:

    Reality in this case is absolutist I mean.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Mar 2016 @ 11:11pm

    "stating that there's some sort of equivalency on both sides of the debate and that we need to find some sort of "balanced" solution short of strong encryption that will somehow let in law enforcement in some cases."

    I'm pretty sure that all politicians are training to do this when asked about more or less any controversial issue. They suggest that each side has it's merits, and the debate should be resolved by a compromise that meets in the middle. It's the sort of thing that's usually useful in politics and is sometimes the only way things get done. Side A gets some of what they want, Side B gets some of what they want, and neither is fully happy, but things get done.

    Unfortunately they typically ignore that in cases like this, it's a false compromise fallacy (wikipedia lists this as Argument to moderation). It is entirely possible for one side to be so completely wrong that there is no middle ground.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 4:45am

      Re:

      In this case it's not even so much one side being wrong. It's that that side completely ignores the other's position as "a matter of opinion". Compromising security, compromises security, period. It doesn't compromise it a little bit and we can live with that, it doesn't compromise it selectively and those evil bastards deserve it. It might not impact anyone much of the time, but like the quoted tweets in the article mention, it basically compromises it disastrously.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Mar 2016 @ 11:24pm

    There seems to be an increase in countries trying to enforce national law on an international scale, often with little regard by anyone about the potential blow back from all of it. Demanding an international company to comply is like walking into the UN and demanding they follow American policy to the exclusion of all others. Its not like China, Russia, Europe, and many other countries don't have a vested interest in Apple or anything.

    reply to this | link to this | view in chronology ]

  • identicon
    recherche, 11 Mar 2016 @ 11:49pm

    I suggest using a physical analogy to make the point: An anti-gravity machine!

    An anti-gravity machine!

    Immediately, the criticism comes: You're violating the laws of physics (at least, to the extent that we understand them). You can't do that!

    Well guys, maybe "crypto with selective backdoors" violates the laws of mathematics (at least, to the extent that we understand the mechanics of mathematics, and how crypto rests on that mechanics). You can't do that!

    And then, throw in a hypothetical: So, WHAT IF we *could* build an anti-gravity machine, that could manipulate objects, say, up to the size of a car.

    - What would the control console look like?

    - Who would have access to the control?

    - If the control is in the normal-gravity world, and sends instructions to the anti-gravity "thingy", how do we ensure that there are no third parties that could send fake signals, or could disrupt legitimate signals, even including making sure the instruction arrives on-time (what if the anti-gravity "thingy" misses its landing zone, and lands on the head of its inventor instead)?

    - Would there be a black market for these devices?

    Bringing this analogy to life sounds like a job for Jamie Oliver.

    -- recherche

    reply to this | link to this | view in chronology ]

  • identicon
    El_porko, 11 Mar 2016 @ 11:50pm

    The biggest point here is...

    Who would by an Apple iPhone if they new the that people/government could just hack in.

    Goodbye Apple, was fun but now it's over!

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 11 Mar 2016 @ 11:57pm

      Re: The biggest point here is...

      Oh it's much worse than that, if the government gets it's way here no phone or other device utilizing encryption would be secure, because an order demanding that a company break their own encryption can be served to any company just as easily as it can be served to Apple.

      reply to this | link to this | view in chronology ]

      • identicon
        David, 12 Mar 2016 @ 3:15am

        Re: Re: The biggest point here is...

        Not to companies outside of the U.S.

        20 years ago, it was illegal to export strong encryption programs from the U.S.

        In a few years, it will be illegal to import strong encryption programs into the U.S.

        The Land of the Free and the Home of the Brave.

        How long until it becomes illegal to carry around agitory propaganda calling for violent overthrow of the government? Like the Declaration of Independence? How long until you are barred from carrying around copies of the Constitution without plausible cause?

        reply to this | link to this | view in chronology ]

        • identicon
          AJ, 13 Mar 2016 @ 3:15am

          Re: Re: Re: The biggest point here is...

          "How long"

          Well. I don't know "how long" exactly, but the first step is taking away your ability to defend yourself. They will take your guns first. Then they will proceed at whatever speed they care to proceed at.

          reply to this | link to this | view in chronology ]

          • identicon
            David, 13 Mar 2016 @ 7:24am

            Re: Re: Re: Re: The biggest point here is...

            The gun myth again. Hand guns are a disadvantage when fighting the government since their main effect is to provide an excuse for escalation. So their availability is a tool for controlling the population rather than otherwise: it makes it much easier for police forces to kill at will and spread fear.

            You don't fight a guerilla war with hand guns but with sniper rifles and explosives.

            reply to this | link to this | view in chronology ]

            • identicon
              AJ, 14 Mar 2016 @ 5:14am

              Re: Re: Re: Re: Re: The biggest point here is...

              "The gun myth again. Hand guns are a disadvantage when fighting the government since their main effect is to provide an excuse for escalation. So their availability is a tool for controlling the population rather than otherwise: it makes it much easier for police forces to kill at will and spread fear."

              If that is what you believe, then feel free to give yours up.

              "You don't fight a guerilla war with hand guns but with sniper rifles and explosives."

              You don't fight a "guerrilla war" at all. If we ever get to that point, we've already lost. With that aside; We still have the ability to rise up in armed protest, however ineffective it may be. That alone is enough to give tyranny pause.

              But personal beliefs aside, it doesn't change the fact that they well come for the guns first. Disarming the people is always the first step in subjugating them.

              reply to this | link to this | view in chronology ]

              • identicon
                Wendy Cockcroft, 18 Mar 2016 @ 7:05am

                Re: Re: Re: Re: Re: Re: The biggest point here is...

                Looking at the evidence I'd say that the first step to subjugating the people is to get them fighting with each other or distracted by a boogeyman. The government is actually doing both.

                reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 11:11am

        Re: Re: The biggest point here is...

        "Oh it's much worse than that, if the government gets it's way here no phone or other device utilizing encryption would be secure, because an order demanding that a company break their own encryption can be served to any company just as easily as it can be served to Apple."
        - I think you mean no AMERICAN phone will be safe. The people who your spys are suppose to be spying on will still have encrypted phones... so how is this about them?

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 14 Mar 2016 @ 5:55am

          Re: Re: Re: The biggest point here is...

          I think he means no non-criminal and non-techie Americans will have encryption. Crooks and geeks will always have strong encryption. It is literally impossible to prevent.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Mar 2016 @ 11:59pm

    Just a question: isn't an absolutist point of view pretending that you have to be able to pry open all phones just because you got a warrant telling you that you can open them?

    Just saying.


    Also, if it was technically possible to live in a house that not even a tank (police, lol) can pry open, I would happily live in it.

    Sure, you might not catch criminals in it, but at least we'd be safe from them too. Unless we let them inside, of course, same as with phones.

    So, I'm not able to get an unbreakable door that a nuke won't ven budge it because it has to be breakable by the police?

    You're going to expose me, my family and my children, OH MY GOD! THINK OF THE CHILDREN! YOU'RE KILLING MY CHILDREN just because you want to be able to get inside with a warrant?

    That doesn't mean that you won't be able to catch criminals. At some point, everyone has to get out of their homes; if not, at least to buy food or get water.


    But you see:

    "If I'm not a criminal, you have nothing to investigate about me."

    Does it remind you of something?


    And btw, I'm not talking about the fact that just because you got something backdoored, the smart people "on the other side" won't be able to figure out ways of using that same device in a way that bypasses your own backdoor (as in, building a killswitch on the phone, for example).

    And then, we are back at the -100 step. Now you got all the devices backdoores, but you still won't be able to get the juicy bits on terrorists' phones.

    Of course, you will still be able to catch their latest Candy Crush records.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Mar 2016 @ 8:25am

      Re:

      you forget almost every dirty cop views anyone that does not lick their boots as a criminal. The last several decades of US government administrations that take the viewpoint "if you are not 100% blindly loyal to us you are the enemy, be you a foreigner or an American citizen"

      reply to this | link to this | view in chronology ]

  • identicon
    Socrates, 12 Mar 2016 @ 12:17am

    Hiding not protecting

    "strong encryption is important, but... the children"
    There is another important aspect revealed by targeting dissemination instead of preventing abuse, it is hiding not preventing raping of children.

    If all the rapists stopped distributing evidence of their crimes it would not make the abuse nonexistent.

    The serial rapists in the Catholic church did it without it being a fancy internet crime.


    This smells like the banning of camera-phones in the torture chambers in the concentration camps!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Mar 2016 @ 8:27am

      Re: Hiding not protecting

      I am sure the FBI could just start making and distributing child porn to catch all those dangerous predators. Much like how they create and support fake terrorism plots to catch people could be dangerous terrorists only if they have their hands held through every aspect of the plot.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 12:20am

    All of this is about one thing. LEO refuses to understand NO. That some how the laws of this nation mean nothing at all when it comes to spying. There is no limit and no boundary acceptable. You take a dump in the toilet, they wanna know what color it was.

    As has been mentioned, there will always be things that can not be revealed to LEO. I tell someone a secret, he goes out and dies and never wrote it down or recorded it in any manner, that info will not be 'retrievable' from him.

    Cellphones have taken on a whole new character. They are now the personal confident of your life. LEO wants it to be the personal spy that lives in your back pocket. Why would I want to carry a camera that can be turned on at anytime without my permission to find out I'm not the bathroom? Would turning on the microphone aid in that if you could hear me passing gas? Is that so important to LEO they just must have this access?

    You think we have problems now with hackers, please put in backdoors because when you do, they will know it exists and will become the golden apple to reach for. When it does happen to be cracked and it will, how will this back door be closed when today due to these same spying problems people are starting to refuse to do updates to keep the corporate nose out of your personal life?

    reply to this | link to this | view in chronology ]

  • identicon
    David, 12 Mar 2016 @ 12:52am

    Who cares what Obama is saying anyway?

    He is talking out of both sides of his mouth as usual in order to distract from what he is doing with his butt.

    Watch his cheeks.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 1:01am

    Sounds like el prez needs to get his behind to church, and get him some Jesus.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 1:24am

    Mr. President, where in the constitution does it say that nobody in the world is allowed to keep things secret from your government?

    reply to this | link to this | view in chronology ]

  • icon
    CanadianByChoice (profile), 12 Mar 2016 @ 1:30am

    Dear Mr Obama ....

    Please allow me to illustrate what you're saying:
    The tech/security people say: "1 + 1 = 2"
    LEO and the alphabet agencies demand: "make 1 + 1 = 4!"
    Mr Obama says: "Lets compromise - make 1 + 1 = 3"

    (This is known as the "Door In The Face" technique)

    As a side note, I stopped using "air travel" over a decade ago because of TSA. It's not that I'm a criminal or a terrorist, it's that the "terrorist risk" (very tiny) did not warrent the response (I.E. being treated as a criminal at the airport).

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 1:47am

    I personally find it amazing how short lived memory is for these politicians and various spy agencies who do need to keep secrets. Here they are advocating that encryption should be weakened.

    Yet had they had strong encryption in place maybe many of those secrets would not have leaked out during the hack of the OPM (Office of Personal Management), a government branch in charge of among other things, application data for those government employees as well as candidates for employees, applications for security clearances as well as those who hold security clearances, polygraph test results for each employee over the years that hold security clearances, investigation results for security clearances, as well as the data base on those in the Scattered Castle program.

    If there was ever a time when the government came away with egg all over it's face worldwise, You are looking at it. Mainly because you have to realize what this data entailed to understand what a fuck up this was that hackers got away with all this data.

    It includes everything about someone. Who they are, where they live, whose in the family, where they live, where you bank, what your neighbors say about you, if LEO has any data on you, in polygraph especially the go really off the deep end. Into bestiality? Been to a strip bar? Had sex with someone other than your spouse? Debt? I mean this describes everyone down to the dot. Want a road map on how to compromise an important office holding person? What to know just how to get to someone to compromise them?

    Now tell me that encryption, had it been in place, properly used, would not have saved US employees from exposure!

    Yet here we are with the government demanding 'let's weaken encryption'.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 1:54am

    Confidence games

    Way back on February 18, 2016, the New York Times, in a story by Katie Benner and Nicole Perloth (“How Tim Cook, in iPhone Battle, Became a Bulwark for Digital Privacy”) reported that Apple had requested the government file its All Writs Act application under seal.
    Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity.
    That anonymously-sourced fact has since been widely reported. Apple, to my knowledge, has not denied it.

    How confident are we in that piece of information? Do we believe it?

    Going further, elsewhere, it's been further said that Apple would have been willing to comply with the government's request—if the application had been made under seal. AFAICT, the New York Times story does not say that. Where does that latter piece of information come from? Do we have any confidence in it—or is it just a rumor which loosely follows from the New York Times report above?

    reply to this | link to this | view in chronology ]

  • icon
    Not an Electronic Rodent (profile), 12 Mar 2016 @ 2:28am

    wrong again

    I haven't flown commercial in a while, but my understanding is that it's not great fun going through security. But we make the concession because -- it's a big intrusion on our privacy -- but we recognize that it is important.
    Nope. We "make the concession" NOT because we "recognise it's important", but because our personal reasons for travel are sufficiently important to put up with the annoying and intrusive crap and because enough people have yet to stand up and say, "You know this is totally bullshit, right?"

    Looks like you're 2 for 2 on being wrong about security front, Mr. Obama...

    reply to this | link to this | view in chronology ]

    • icon
      That Anonymous Coward (profile), 12 Mar 2016 @ 3:24am

      Re: wrong again

      "but we recognize that it is important"

      Only if we wish to fly. Either one participates in the absolute farce of being felt up by people hired from the tops of pizza boxes, possibly being robbed while an entire Federal Agency tries to pretend that never happens (as entire theft rings get busted) or can't locate the footage showing that the power hungry agent went batshit on a citizen or they don't get to fly.

      reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 12 Mar 2016 @ 7:17am

      Re: wrong again

      This, precisely. I do not think that the way airport security is being done is important at all, and I minimize my flying as a direct result of it. The only reason I put up with it at all is because I literally have no other choice.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 9:35am

        Re: Re: wrong again

        Luckily I have a choice. I've never flown again since the starting up of the TSA. The 'your papers, pleeze' has gotten far to far threadbare.

        We've gotten a branch of government for the Homeland, how much longer til it's the Fatherland? The differences are becoming tissue thin.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Mar 2016 @ 8:30am

        Re: Re: wrong again

        it is designed to make citizens get used to a police state, has nothing to do with making citizens be safe.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 5:00am

    Everything he says is suspect

    Since the intelligence community has been collecting literally everything possible on citizens, the likelihood is that Obama is being blackmailed into his current stance. Candidate Obama was a very different politician than the president ended up being, but no one wants to question why there has been such a drastic change.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 7:36am

      Re: Everything he says is suspect

      Candidate Obama was a very different politician than the president ended up being
      Sen. Barack Obama, presidential candidate, on July 3, 2008: “My Position On FISA”:
      I want to take this opportunity to speak directly to those of you who oppose my decision to support the FISA compromise. . . .

      And going forward, some of you may decide that my FISA position is a deal breaker. That's ok. . . .

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 12 Mar 2016 @ 7:47am

        Re: Re: Everything he says is suspect

        Sen. Barack Obama, presidential candidate, on July 3, 2008: “My Position On FISA”
        October 24, 2007:“Obama Camp Says It: He'll Support Filibuster Of Any Bill Containing Telecom Immunity
        It's official: Obama will back a filibuster of any Senate FISA legislation containing telecom immunity, his campaign has just told Election Central. The Obama campaign has just sent over the following statement from spokesman Bill Burton:
        "To be clear: Barack will support a filibuster of any bill that includes retroactive immunity for telecommunications companies."

        July 3, 2008: “My Position On FISA”:
        And going forward, some of you may decide that my FISA position is a deal breaker.

         

        reply to this | link to this | view in chronology ]

    • identicon
      David, 12 Mar 2016 @ 1:01pm

      Re: Everything he says is suspect

      He's the anti-Carter. Carter turned out to be a fantastic ex-president. Obama turned out to be a great president-to-be.

      Too bad a great acting president has been sorely lacking for a few decades now.

      reply to this | link to this | view in chronology ]

  • identicon
    Quiet Lurcker, 12 Mar 2016 @ 6:34am

    Only Sane Man????

    I still remember the whole 'clipper chip' debacle.

    Back then, NSA put forth the very same arguments Obama and the (In)Justice Dept. are putting forth today over the San Bernardino iPhone.

    Back then, the tech community put forth the same argument they are today.

    I have to ask myself. Did no one learn anything from the clipper chip debacle, or has the government simply biding its time, before making the attempt again, only this time ...WITH COMPUTERS?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 6:56am

    Math tends to be absolutist...

    That's kinda the way math is.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 6:59am

    "I am not a software engineer"

    But I'm telling you how to design your software, anyway.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 12 Mar 2016 @ 7:25am

    The weapon of incrementalism

    I haven't flown commercial in a while, but my understanding is that it's not great fun going through security. But we make the concession because -- it's a big intrusion on our privacy -- but we recognize that it is important. We have stops for drunk drivers. It's an intrusion. But we think it's the right thing to do. And this notion that somehow our data is different and can be walled off from those other trade-offs we make, I believe is incorrect.


    This is the most maddening argument of all to me. Airport security and DUI checkpoints are very controversial things that a substantial percentage of the population take grave exception to.

    To trot these out as "well, look we all agree on those, so we must all agree on this" is extremely deceptive and manipulative.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 2:20pm

      Re: The weapon of incrementalism

      "I know airport security makes people miserable and accomplishes absolutely nothing beyond employing unemployable people (and sometimes even the same people we've put on watch lists) with no job skills, but we do it anyway. Therefore, people shouldn't have a right to expect not to be subjected to the misery of useless security measures and intrusions into every other aspect of their lives as well."

      reply to this | link to this | view in chronology ]

  • identicon
    George Vaccaro, 12 Mar 2016 @ 7:35am

    Power Corrupts

    Good points. One issue:

    "If there really were a way to have strong encryption with a secure key where only a small number of people could get in on key issues, then that would be great."

    That would only be great if those small number of people were incorruptible and held to the Constitution, which IMO is not probable or even possible. In all likelihood people in that position would be very corruptible, more so for being put in a trusted and powerful point of control. Think IRS scandal and the 500 FBI files (old but new somehow). They would be almost guaranteed to be politically, monetarily or physically leveraged, voluntarily or not.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 12 Mar 2016 @ 9:15am

      Re: Power Corrupts

      That would only be great if those small number of people were incorruptible and held to the Constitution, which IMO is not probable or even possible.

      Not even then, because even if those people were completely incorruptible, and had nothing but the public and it's rights in mind with every decision they made, what guarantee is there that the next batch will be equally flawless? Or the group after that?

      When you're talking about something that stands to have a significant impact on the privacy and security of a great many people it's not paranoia to assume the worst and act and/or plan accordingly, it's common sense.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 12 Mar 2016 @ 9:33pm

        Re: Re: Power Corrupts

        When it comes to government...

        The power you give to your friend is the power you give to your enemy!

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 8:29am

    Obama is, was, and will always be a joke.

    reply to this | link to this | view in chronology ]

  • icon
    madasahatter (profile), 12 Mar 2016 @ 8:44am

    Equation

    Something Obama will not understand because it is math:

    Lawyer = Shyster = Politician = Criminal = Traitor

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Anonymous Coward, 12 Mar 2016 @ 8:50am

    Hoisted, petard, own...

    Leaving aside for a moment the power hunger that swells like a wave about to break whenever a person gets elected or appointed to some government position, let's take a look at the seemingly unquenchable desire to play with the latest technology. This latter foible is not universal, but certainly is wide spread. I suffer from it, though I tend not to be on the bleeding edge of the trend, I am restrained by my pocketbook and a tinge of old fashionedness.

    The government does not suffer the pocketbook dilemma, though it squanders their allowance in pursuit of maintaining their positions rather than acquiring solutions to problems. They do suffer from 'being seen to be being on top' of the next new thing, and do so to their own detriment. Not only do they fail to comprehend the extent of the next new thing along with much of the where's, the why's and the how's, they do so with a vehemence and short sightedness that squanders all that came before.

    Take this encryption thingy. Encryption has been around for centuries. Now when it becomes slightly more easily deploy-able they cannot find a way around it. What did they do to solve crime prior to cell phones? What did they do to solve crime with cell phones that had no encryption? What did they do when not everything was knowable (not that it is now, they sure want it to be)? Where in any of this countries founding documents does it say that the government must be, or is even allowed to be all knowing? Now with easily deployed encryption all the prior techniques are no longer known or workable or even allowed, or so it seems.

    I am afraid that the government suffers from prior successes. They managed, not to break the Enigma cypher during WWII, but to steal one of the machines. This allowed them to know things the enemy did not know that they knew, and that caused all kinds of problems for the enemy. There have probably been other successes of this kind during the cold war that are less well known to us but are well known lessons for them. What did they learn? That if they can know something that their opponent does not know that they know, it is easier to compromise them. The key word there is easier. (Where does it say that governing should be easy?) That compromise might be an arrest, a non judicially sanctioned execution, or just being in the right place at the right time to stop something the government doesn't want, whether that is for the benefit of the world or the government's self protection does not really matter, to them.

    There are cyphers that cannot be broken. They are less easily deployed and require some infrastructure to work. Infrastructure that takes time to deploy, but is unstoppable, at least without the total Big Brother infrastructure that allows Big Brother to know everything about everyone in real time. The government may stop this easily deploy-able encryption, to the detriment of safety and security of the common person in their daily business, but it will just drive those determined to the less easily deploy-able methods, that have been around since before electricity was a thing. And once again the government will be in a place where they won't know anything about the 'next new thing' even though it is far from new.

    reply to this | link to this | view in chronology ]

    • icon
      madasahatter (profile), 13 Mar 2016 @ 7:43am

      Re: Hoisted, petard, own...

      As far as breaking codes, natural languages have sound thus letter patterns in the language. If the encrypted text is long enough, the text will have essentially the same distribution as the language. Also, many encrypted messages, particularly government/military tend to have an internal structure much like a business letter. Both of these patterns give clues allowing code breaking. This was observed in the 1920's by William Friedman.

      Also, the strength of cypher system is based on the underlying technology used to create it. Modern computer based systems are mathematically very strong for our current technology but they can be broken if one has enough computational power and enough time.

      Back to San Bernardino, there is another rule about intelligence: it goes stale the older the information. Even if there is intelligence information on the phone, as it ages it will become much less useful overall.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Anonymous Coward, 13 Mar 2016 @ 8:25am

        Re: Re: Hoisted, petard, own...

        I am neither a mathematician nor a cypher expert. My understanding of one time pads and book cyphers is that they are not breakable. I would think that anyone who actually looked into this before using any system would know about the concept of patterns and might pad out information sent to avoid obvious patterns, or actually create false patterns.

        I was unaware of that concept of patterns with regard to cyphers, thanks for letting me know.

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 13 Mar 2016 @ 10:19am

          Re: Re: Re: Hoisted, petard, own...

          "My understanding of one time pads and book cyphers is that they are not breakable."

          Properly done one-time pads are totally unbreakable. Book ciphers are not.

          There are two reasons that one-time pads aren't the way most encryption is done, though: you must have a source of truly random numbers (which is not possible on standard computing equipment) and you must be able to transmit the key securely to the other end. It's that last requirement that's the serious problem -- in most situations, if you have a way of securely transferring the key then you could just transmit your message instead.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 13 Mar 2016 @ 10:38am

            Re: Re: Re: Re: Hoisted, petard, own...

            a source of truly random numbers (which is not possible on standard computing equipment)
            You don't believe in Intel's “Bull Mountain”?
            [I]t includes a high-quality entropy source implementation

            Curiously enough, although on somewhat of a completely tangential break— did you notice that Intel's application to submit its amicus brief in the San Bernardino case was denied by Magistrate Judge Pym on March 7?

            reply to this | link to this | view in chronology ]

            • icon
              John Fenderson (profile), 13 Mar 2016 @ 10:52am

              Re: Re: Re: Re: Re: Hoisted, petard, own...

              Bull Mountain is a great thing, but first, it's not yet "standard computing equipment" and second, it's not truly random. It's deriving its entropy from things like keystroke timings, etc. It's very very very close to random, not if you're looking for 100% mathematical unbreakability, that's not good enough.

              I think World War 2 provides a great example of how important this is. During war, one-time pads are used (they work there because the keys are transferred securely at the base before deployment) by all sides.

              Late in the war, the Allies started to be able to break OTP-encrypted messages from the Axis. They were able to do this because Germany's ability to produce random numbers had been degraded (in the day, random numbers were produced by rooms full of people pulling balls out of Bingo cages) and they suffered a shortage. Remember that with OTP, you need a new truly random number for every character in the cleartext.

              So they started taking shortcuts that meant that their random numbers, while still being very nearly random, had a slight statistical color to them. It was enough to allow a good percentage of messages to be cracked.

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 13 Mar 2016 @ 10:55am

              Re: Re: Re: Re: Re: Hoisted, petard, own...

              You don't believe in Intel's “Bull Mountain”?
              Btw, Herr Professor Doktor Doktor Fenderson, you never answered last year's question:
              Herr Professor Doktor Fenderson,

              Do there exist stochastic processes which are non-stationary in nature?

              reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Anonymous Coward, 13 Mar 2016 @ 11:55am

            Re: Re: Re: Re: Hoisted, petard, own...

            Would it be possible to simply describe how book cyphers might be broken, if one never finds out the book used?

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 13 Mar 2016 @ 12:05pm

              Re: Re: Re: Re: Re: Hoisted, petard, own...

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 13 Mar 2016 @ 12:09pm

                Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                Pigeonhole principle
                Oh, and Shannon (1950): Prediction and Entropy of Printed English.

                reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Coward, 13 Mar 2016 @ 12:17pm

                  Re: Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                  Pigeonhole principle
                  Oh, and Shannon (1950): Prediction and Entropy of Printed English.
                  Herr Professor Doktor Doktor Fenderson will, no doubt, be overjoyed to elucidate further.

                  reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Anonymous Coward, 13 Mar 2016 @ 1:37pm

                Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                I found both of your references fascinating, but do not comprehend how they might solve a book cypher. (Of course I barely understood either of them, and maybe I did not). The one below assumes an English language book. The one I am replying to makes assumptions about know quantities. There are 3 or 4 hundred thousand words in the English language, and new ones being added often. While that number is sort of finite, making assumptions about which ones are part the the cypher, and which meaning is intended seems improbable. Now toss in some not English quote on a page...

                Neither would satisfy if certain protocols are part of the book cypher. The name of the book, the language of the book, page number and word number on that page might only lead to the first or third or fifth letter of that word rather than the word itself. The protocol might change by which word in the message you are looking up. It works one way for word one, and another for word two, etc. Also the message may be very simple. A time and date that are expressed with the words used, words that have nothing to do with time or date, and would be very short in say a 1000 page book, which one does not know the title, the edition, or the language of.

                What if the protocol said that if the word is 'the' and it represented a number, that could be the number of times 'the' appears before the reference, after the reference, may include the reference, etc. Like a one time pad, these protocols could be distributed in person prior to anything untoward happening.

                Got anything else?

                reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Anonymous Coward, 13 Mar 2016 @ 1:40pm

                  Re: Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                  Oh, I forgot to mention, I am hardly a devious person, what if someone truly devious worked on setting up such a protocol?

                  reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Coward, 13 Mar 2016 @ 1:48pm

                  Re: Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                  Got anything else?
                  Let me repeat: Herr Professor Doktor Doktor Fenderson will, no doubt, be overjoyed to elucidate further.

                  reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 13 Mar 2016 @ 12:27pm

              Re: Re: Re: Re: Re: Hoisted, petard, own...

              … if one never finds out the book used?
              Google Books Library Project
              What's the goal of this project?

              The Library Project's aim is simple: make it easier for people to find relevant books – specifically, books they wouldn't find any other way such as those that are out of print …

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Anonymous Coward, 13 Mar 2016 @ 1:46pm

                Re: Re: Re: Re: Re: Re: Hoisted, petard, own...

                People working up a cypher have a lot of books to choose from. The only really absolute criteria is that both the coder and the code breaker are using the same book. So much the same that the exact same words appear on exactly the same pages, in exactly the same positions in both copies. The book could be in print, or out of print. It might be a classic, or it might be two copies of the latest crime drama, in paperback, bought at the same drugstore at the same time.

                reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 12:44pm

      Re: Hoisted, petard, own...

      Encryption has been around for centuries.
      Modern cryptography, though has not.

      Along that vein, though, I'd point out that Neal Koblitz and Alfred Menezes deserve some respectful attention: Another Look at Provable Security
      In our time one of the dominant paradigms in cryptographic research goes by the name "provable security." This is the notion that the best (or, some would say, the only) way to have confidence in the security of a cryptographic protocol is to have a mathematically rigorous theorem that establishes some sort of guarantee of security (defined in a suitable way) under certain conditions and given certain assumptions.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 8:53am

    Chicken Little: The Universe is going dark: 26.8% dark matter, 68.3% dark energy !!!

    There could be *terrorists* in there!
    There could be *pornographers* in there!

    We need to spend $1 trillion to shed some light on this darkness IMMEDIATELY !

    reply to this | link to this | view in chronology ]

  • icon
    frank87 (profile), 12 Mar 2016 @ 8:58am

    Please, put Snowden on the election form. Even Obama is campaigning for him.

    reply to this | link to this | view in chronology ]

    • identicon
      David, 12 Mar 2016 @ 11:45am

      Re:

      Too young. It would be sort of a dickish move to openly ignore the Constitution before you are actually elected.

      reply to this | link to this | view in chronology ]

      • icon
        frank87 (profile), 12 Mar 2016 @ 3:14pm

        Re: Re:

        "I donno nothing, I'm from Barcelona"... I mean The Netherlands.

        Here we vote for political parties. These parties decide who gets in charge after the elections. Our politicians don't think for themselves.

        In the States, there is at lease a chanche to get a independent president.

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 12 Mar 2016 @ 3:19pm

          Re: Re: Re:

          But it's an exceedingly tiny one. In the US, the system is rigged to ensure that the only political parties who can get people elected are the Republicans and Democrats, and both of those are under corporate control.

          reply to this | link to this | view in chronology ]

          • icon
            frank87 (profile), 12 Mar 2016 @ 3:26pm

            Re: Re: Re: Re:

            It's true. Youre constitution is well crafted, but the voting system is wrong. In France (and many other countries), they go for another round if nobody gets the majority of votes.

            In England they tried to change the system too: http://www.electoral-reform.org.uk/single-transferable-vote

            reply to this | link to this | view in chronology ]

            • icon
              frank87 (profile), 12 Mar 2016 @ 3:44pm

              Re: Re: Re: Re: Re:

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 12 Mar 2016 @ 9:42pm

              Re: Re: Re: Re: Re:

              No, it's just that Mr Fenderson like so many other Americans have bought that bullshit con a long time ago and keep peddling it like the waste of citizenship that they are.

              The voting system is not wrong, just not the best. Most Citizens do not even know how the US government is supposed to operate and I expect you know even less than these idiots siting here bemoaning their paltry existence as citizens.

              Few of these lazy fucks would get off their duff to learn anything more about a candidate for office other than who is a D and who is an R. We like to pretend that we know whats up... but we are pretty much clueless to the point its insane.

              Every fucking Candidate for President from either party is a terrible choice and the Americans are making it clear they don't give a shit at long as something is entertaining.

              reply to this | link to this | view in chronology ]

              • icon
                frank87 (profile), 13 Mar 2016 @ 1:08am

                Re: Re: Re: Re: Re: Re:

                A system where you can get a district without the majority of votes is exceptional. But you're right: every system has it's drawbacks (in France, they have to vote twice. In the Netherlands your vote ends up with some nitwit that's on the same list).

                And yes, I'm no expert but I know, most people don't give a fuck about politics. They do what they're told (vote for your parties candidate), don't make a noise and "They have got nothing to hide".

                I know your candidates are bad, but our gouvernment will do everything your president wants from it. That's why I read Techdirt. Our media think everything Democratic is fantastic (Obama is a saint), and don't look past Trump's hair color (they adhere to the filosofy: I'm right, so everybody who disagrees is stupid).

                reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 9:43am

    Do you think this puts to bed the idea that the Comey is acting against the wishes of the WH?

    Mr red circle is right about experts. After all, climate change is a hoax

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 9:54am

    Cloudflare is a pain in the arse

    Please make it go away.

    Thx.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 11:42am

    Yes, you can!

    My conclusions so far is that you cannot take an absolutist view on this.

    Wrong, Mr. Obama. I can. But you must because you have sworn an oath on the Constitution. The Constitution which explicitly carves out in the Bill of Rights the right of every citizen to be secure in his assets short of a warrant, and a widely distributed skeleton mechanism is not compatible with that.

    So you have sworn to take an absolutist view on this, and if you don't keep your oath, you should be impeached, prosecuted, and jailed.

    If you were not willing to serve as president of the United States according to the job description spelled out in the Constitution, you should not have run for office.

    reply to this | link to this | view in chronology ]

    • icon
      Whatever (profile), 13 Mar 2016 @ 4:18pm

      Re: Yes, you can!

      "Wrong, Mr. Obama. I can. But you must because you have sworn an oath on the Constitution. The Constitution which explicitly carves out in the Bill of Rights the right of every citizen to be secure in his assets short of a warrant, and a widely distributed skeleton mechanism is not compatible with that."

      The false assumption is a simple back door which could be used remotely without the party knowing. This is the scaremongering concept. The reality is much more of "phone in police possession, warrant issued by judge, need to access content in the same manner one would open a safety deposit box or a wall safe".

      The back door of any sort doesn't mean a WEAK and easily exploited one. Imagine a back door that requires that your read a number that is physically printed on a circuit board, or that requires that you have the device ID and say it's actual serial number to move forward, or something of similar nature. Creating a complex back door which could then pop the lock on the encryption (perhaps by releasing the user's pincode, as an example) would still once again require actual possession of the device in order to enter the passcode to view the content.

      Assuming a simple "type hello three times" back door is just not really brilliant, and creates yet another false argument in this discussion.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 5:51pm

        Re: Re: Yes, you can!

        The back door of any sort doesn't mean a WEAK and easily exploited one

        Wait, you mean we're talking about something that can only be exploited with a bit of knowhow and effort? Oh, well, in that case.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Mar 2016 @ 11:45am

        Re: Re: Yes, you can!

        If you're so convinced that backdoors are truly feasible, and will only be used the good guys, and only then, under perfectly supervised, well-intentioned conditions, then do us a favor, and lock your house with a TSA lock.

        The time to put up or finally just shut your uneducated, ignorant, misinformed, and copyright infringing due to your unlicensed use of the Rambler club logo pie-hole is long past due.

        Workable backdoors are feasible, so why not PROVE IT yourself with the best functional example?

        I dare you.
        Double dare you.

        reply to this | link to this | view in chronology ]

  • icon
    Spectate Swamp (profile), 12 Mar 2016 @ 11:49am

    Really bad people Need to keep secrets

    How can future Snowdens and Assange get the goods on Our bad guys and gals with strong encryption?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 8:22am

      Re: Really bad people Need to keep secrets

      "Really bad people Need to keep secrets

      How can future Snowdens and Assange get the goods on Our bad guys and gals with strong encryption?"

      You'd think they could at least grasp it from this angle.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 12:21pm

    Information in our brains.

    For one, there has always been information that was inaccessible -- such as information that came from an in-person conversation or information in our brains or information that has been destroyed.

    See? That's why law enforcement needs torture! To get to the information in people's brains! And you have to get to that information before it is destroyed by forgetting. That's why the cops that make first contact with a subject need to use it as soon as possible put in the field. But only when needed.

    Luckily, the President and FBI understand these things.

    reply to this | link to this | view in chronology ]

  • identicon
    Rob, 12 Mar 2016 @ 12:30pm

    The Puzzle Pieces that Obama is Missing in the Apple Encryption Debate

    I am not as bothered by Obama's conclusions as I am bothered by the errors in his supporting facts. These are going to contribute to the mis-education of portions of the American public.

    One year ago President Obama held nearly the opposite view. He spoke with President Xi in China about legislation Beijing was considering that would similarly handcuff tech companies [3]. He criticized Xi for this and pointed out that it would damage their economy.

    I don't know whether Obama continues to hold the view that mandating backdoors would damage a country's economy or not. Perhaps he does think it will hurt our economy but is worth the cost. Perhaps he thinks it is better for our security too. Of course he is wrong.

    I am baffled that nobody, to date, has been able to explain the entirety of the issues we must balance to maintain public safety and security to our President. Senator Lindsey Graham (R-SC) was able to achieve that understanding [4]

    Shouldn't the President have access to the best minds in technology? It's not as if any of us would refuse his phone call. Note I don't claim to be a best mind but I think I can talk through the issue to present understanding of the full tech side of the picture to a layperson, and at the same time be respectful of the challenges faced by the DOJ when trying to give justice to victims and security to the public. I think any technologist or well-informed citizen is capable of doing this.

    Fortunately, some Congressmen are already well-informed. They realize Apple is not simply being disobedient here. Lindsey Graham changed his mind [4] and Mike Lee made great points too [5] in an oversight hearing this week. Ted Lieu has been an ardent supporter of strong encryption [5a]. Dianne Feinstein, however, holds the opposite viewpoint [6].

    Other personalities have also changed their views when presented with facts. Sam Harris was initially very outspoken against strong encryption [10], but then changed his mind after reading responses to his initial video [11].

    On balance, putting backdoors on encrypted devices is not the right way to maintain security. The reasons are, 1) if we put backdoors on the iPhone, criminals will simply change to use another piece of software or device, 2) compelling companies to insert weaknesses into their products grants hackers a huge opportunity which they will indefinitely exploit, 3) Apple and other tech companies have been in an arms race against such hackers since their inception. Companies that failed at computer security have failed as businesses, and if we handcuff tech companies they won't be able to innovate around security flaws because those flaws will be mandated by law, and then there will be data breaches, people will be upset, they won't buy iPhones, and this industry will disappear from the US overnight, hurting our IT industry and the future of our economy and first place standing in the world in that regard, 4) Apple does contribute to public safety, despite FBI Director James Comey's feelings otherwise [12], 5) If we demand this of Apple, China will too, putting American diplomats and dissidents, or any travelers to China who use iPhones at greater risk than they already are, 6) Giving government access to data within smart phones is granting access to an entire history of communications, even before the time of any suspected crime. Wiretaps never had this power, and the power the government has now is unprecedented. This creates an imbalance that never existed before.

    There are already laws being introduced in CA and NY that seek to guarantee phones sold there can be decrypted. This litigation based on language from Manhattan DA Cyrus Vance [13]. I suppose that, by stating the government's position, this is a form of starting the debate. But, it feels like these laws are being forced upon us before any debate can occur. It's possible to get this right before crippling our IT industry. We just need to talk to each other and listen with an open mind to the other side of the argument.

    For Obama's understanding, I'll concede one circumstance under which I feel we ought to help unlock an iPhone.

    In the incredibly movie-like scenario where the location of a nuclear weapon is hidden on an encrypted iPhone, then we should sick all our computers on decrypting that phone. I believe this is already done by the NSA program, Bullrun, revealed by Snowden.

    Obama thinks he has technological advisors but he doesn't. Around 12:00 in the full keynote [2c], he starts to talk about how he has coordinated with technologists to form a special task force that solve persistent technological issues the government faces. I think that is a good start. But he is still missing someone or some group who he trusts to act in an advisory role to him about technology and, in particular, encryption. In fact, in this part of the keynote, he's trying to appeal to technologists, but he's still treating them as a mere tool to bring about his goals. He says "We want to create a pipeline where there's a continuous flow of talent that is helping to shape the government." [2a] He says government propaganda is dangerous [2b], yet does not listen to the leagues of technologists who tell him backdoors are bad, or even himself from one year ago [3]. He is pursuing his own agenda and engaging in government propaganda that is not factual, thus doing the very thing he says he isn't.

    I do believe that if Obama understood the facts about encryption then he would come to a different conclusion. If he really understood the equation, and the factors we must balance to maintain public security, then he would not be asking tech companies to add backdoors to their devices. However, at the moment he does not understand the technology, therefore he does not know the things we must balance, and therefore the result of his equation is wrong. There's an error in variables he's established in his mind. His calculation of the final result is reasonable given the facts he understands, but the calculation is based on mis-information.

    Let's inform each other and contact our representatives to make sure they are informed so that when the time does come to vote on this issue, we are all voting knowing that the debate is primarily about security vs. security [7] [8] [9], and not just security vs. privacy. Let's stick to the facts and stay away from persuasive methods rooted in fear, uncertainty and doubt. Let us inform the public so that they are confident they are more safe and secure when they support strong encryption.

    [1] https://news.ycombinator.com/item?id=11270529

    [2a] https://youtu.be/wfsIZioIpdI?t=14m54s

    [2b] https://youtu.be/wfsIZioIpdI?t=16m15s

    [2c] https://youtu.be/wfsIZioIpdI?t=12m00s

    [3] http://www.reuters.com/article/us-usa-obama-china-idUSKBN0LY2H520150302

    [4] https://youtu.be/uk4hYAwCdhU?t=1m44s

    [5] https://www.youtube.com/watch?v=XOZLEhTlr6E

    [5a] http://video.cnbc.com/gallery/?video=3000496813

    [6] http://www.c-span.org/video/?406201-1/attorney-general-loretta-lynch-testimony-justice-department-op erations (seek to 51:00)

    [7] https://youtu.be/g1GgnbN9oNw?t=3h35m52s

    [8] https://youtu.be/g1GgnbN9oNw?t=3h11m46s

    [9] https://youtu.be/g1GgnbN9oNw?t=3h19m39s

    [10] https://youtu.be/ZQAmlVFjJ9k

    [11] https://youtu.be/9HK4IBscfMQ?t=4m50s

    [12] https://youtu.be/g1GgnbN9oNw?t=3h16m18s

    [13] http://pastebin.com/raw/hPpAKmtq

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 12:41pm

    My conclusions so far is that you cannot take an absolutist view on this.

    Some people say that 1 + 1 = 2. Others say that 1 + 1 = 10. Still others say that 1 + 1 = 1. My conclusions so far is that you cannot take an absolutist view on this. 1 + 1 = 5 is a balanced compromise.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Mar 2016 @ 1:14pm

      Re: My conclusions so far is that you cannot take an absolutist view on this.

      Some people say that 1 + 1 = 2. Others say that 1 + 1 = 10. Still others say that 1 + 1 = 1.
      1 + 1 = 2  : natural numbers or integers
      1 + 1 = 10 : as above, binary representation
      1 + 1 = 1  : mod 2, “or” operation

      1 + 1 = 5
      odd + odd = odd? think it must be—
      1 + 1 = 5 (mod 2)

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 12 Mar 2016 @ 1:19pm

        Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

        mod 2
        Whoops. Muffed that one. Not thinking straight. Should be just—

        1 + 1 = 1  : “or” operation

        1 + 1 = 5
        odd + odd = odd? Weird. (That's what I thought first, then I mixed up the “or” operation equivalence.)

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 12 Mar 2016 @ 1:19pm

        Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

        odd + odd = odd? think it must be—
        1 + 1 = 5 (mod 2)



        No, the message is that the "balanced compromise" is just wrong any way you look at it.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 12 Mar 2016 @ 1:24pm

          Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

          No, the message is that the "balanced compromise" is just wrong any way you look at it.
          I don't think you a have a whole lot of experience with “weird” algebras.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 12 Mar 2016 @ 1:27pm

            Re: Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

            I don't think you a have a whole lot of experience with “weird” algebras.

            Like Hollywood accounting?

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 12 Mar 2016 @ 1:36pm

              Re: Re: Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

              No.

              1 + 1 = 1 + 1 + 1 + 1 + 1

              Unfortunately, when I set it up like this, the pattern looks familiar enough to me, that I think I may be under an NDA regarding previous work in this area.

              In an open forum, it would be a deletion rule, from the addition chain. A kinda crazy mathematician did some work in this area a some decades(?) ago. The work was essentially forgotten, and thought to be useless. And after saying that, I'm now really getting into the area covered by my NDA. Sorry.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 12 Mar 2016 @ 1:41pm

                Re: Re: Re: Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

                A kinda crazy mathematician did some work in this area a some decades(?) ago.
                Which, btw, is in the open literature, if you look for it. But really I better stop talking now.

                reply to this | link to this | view in chronology ]

                • identicon
                  Anonymous Coward, 12 Mar 2016 @ 2:04pm

                  Re: Re: Re: Re: Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

                  Which, btw, is in the open literature, if you look for it.
                  * * ↔ * * * * *     (omitting the “+” operator, purely for notational convenience)(“ ↔ ” is an equivalence relation)(and don't ask me why the guy used “ * ”)

                  reply to this | link to this | view in chronology ]

    • identicon
      Maxwell, 13 Mar 2016 @ 8:26am

      Re: My conclusions so far is that you cannot take an absolutist view on this.

      Ya, whatever, but we're working in base 10 here, so 1+1=2 not 5.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 8:52am

        Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

        Ya, whatever, but we're working in base 10 here
        Who's the “we” to whom you are replying? That assumption is nowhere stated in the parent comment.

        reply to this | link to this | view in chronology ]

      • icon
        frank87 (profile), 13 Mar 2016 @ 9:19am

        Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

        You know something funny: every base is 10 in base-N notation:
        1 10 -> base 10 (2 decimal )
        1 2 10 -> base 10 ( 3 decimal )

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 13 Mar 2016 @ 9:41am

          Re: Re: Re: My conclusions so far is that you cannot take an absolutist view on this.

          When does 2 =?= not 5

          Then suppose we can tristate a line driver.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 12:47pm

    White House Support

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 1:03pm

    Cryto promotion

    Drear Prez
    Thank you for the big fuss about encryption. You have done more to make people aware for the need then all the security experts warnings previously tried to do. This is an object lesson of the Streisand effect, make enough noise and everybody take notice. So now we all are aware that big brother intends to snoop our every breath we take and move we make. Now the general public Knows that YES I certainly need encryption, to keep all the mundane details of my life private. So now you can get a warrant and I will plead the fifth amendment right of silence. Remember that pesky constitution stuff, the one you have been ignoring since 2008? Wasn't there an oath of office involved to uphold that each time you were sworn in? I guess treason is just an insignificant detail to you.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 2:41pm

    When I was in school I should have told my math teacher that she was being absolutist about my answer. Could have hammered out a compromise and got a better grade.

    I should have also tried asking for a Pony and settling on a dog.

    reply to this | link to this | view in chronology ]

  • identicon
    Rekrul, 12 Mar 2016 @ 3:02pm

    And this is a society that is built on a Constitution and a Bill of Rights and a healthy skepticism about overreaching government power.

    I stopped reading right there. For decades now, the government has been sh*tting on the Constitution, ignoring the bill of rights and overreaching every chance they get and his administration is no different.

    After saying this, how can you trust anything else that comes out of his mouth?

    reply to this | link to this | view in chronology ]

    • icon
      Whatever (profile), 12 Mar 2016 @ 7:13pm

      Re:

      "After saying this, how can you trust anything else that comes out of his mouth?"

      The problem has a lot more to do with the basic problem of America: Black and White thinking, with absolutely no grey zone at all. When the President comes out with what is effectively a grey zone proposal ("can't we find a compromise?") he gets shit on by both sides.

      Intolerance, the inability to consider things from the other side, absolutism... all things that are seriously harming the US and quickly guiding it to the crapper.

      Part of what has happened is now everything overreaching of a challenge to some right people feel they have. Plenty of people out there yammering on about freedom of speech, but more than willing to mount violent protests to stop people from having that right. America has become a place where minority groups are telling the majority what to do, wrapping themselves in the constitution as they do it. It's truly sad.

      So rather than slam the President for trying to find some functional middle ground, stop and think that perhaps your view is a little too extreme and little bit too unyielding. The solution lies not with him, it starts with you.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 9:03am

        Re: Re:

        You mean like when you claiming that asking the police to show a bit more restraint would lead to criminals kidnapping babies to use as shields?

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 9:13am

        Re: Re:

        The problem has a lot more to do with the basic problem of America: Black and White thinking, with absolutely no grey zone at all. When the President comes out with what is effectively a grey zone proposal ("can't we find a compromise?") he gets shit on by both sides.

        Intolerance, the inability to consider things from the other side, absolutism... all things that are seriously harming the US and quickly guiding it to the crapper.


        Exactly! I'm with you, Whatever. Take a famous example from history: Slavery. There were some people in the US who wanted slavery, and some who didn't. So they worked out a perfectly fine compromise, called the Missouri compromise. This basically allowed slavery in the southern states, but not the northern. But, oh no, the absolutists wanted slavery outlawed everywhere! Yammering on about "freedom" and "rights" and minority groups and such crap. This eventually led to the US Civil War in which millions of people died. All just because the absolutists wouldn't compromise. Truly sad.

        If we had had more people like Whatever back then, we could have avoided the civil war and still have slavery today.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Anonymous Coward, 13 Mar 2016 @ 9:46am

          Re: Re: Re:

          Seems that the morally bankrupt phenomena still exists in today's society. How to purge?

          reply to this | link to this | view in chronology ]

        • icon
          Whatever (profile), 13 Mar 2016 @ 10:47am

          Re: Re: Re:

          A touching story, perhaps, but way to miss the point.

          The absolutist concept would have had slaves everywhere. The compromise limited slavery and started the US down the road to the point where slavery was no longer acceptable. Without the initial compromise position, perhaps nothing would have been done and your "boy" would be shining your shoes for you.

          " All just because the absolutists wouldn't compromise. Truly sad."

          Yes, and the absolutists of free speech, racial equality, and so on are likely to find themselves in that exact same position, unable to compromise, and ending up leading the US into a new civil war. Some would suggest we are already very close (and the Alex Jones style whackjobs would say it's already happening). Absolute positions and the lack of compromise thinking is what leads us all to disaster.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 13 Mar 2016 @ 11:35am

            Re: Re: Re: Re:

            The absolutist concept would have had slaves everywhere.

            Or nowhere. Kind of left that out, didn't you? Hmm, I wonder why.

            The compromise limited slavery and started the US down the road to the point where slavery was no longer acceptable.

            No, it was the absolutist's rejection of the compromise that led to the end of slavery. Your attempted rewrite of history is very telling.

            Absolute positions and the lack of compromise thinking is what leads us all to disaster.

            Like the abolition of slavery. What a disaster, huh?

            reply to this | link to this | view in chronology ]

            • icon
              Whatever (profile), 13 Mar 2016 @ 4:23pm

              Re: Re: Re: Re: Re:

              "Or nowhere. Kind of left that out, didn't you? Hmm, I wonder why."

              My assumption is that the slaves were a given situation, and the work was to resolve the issue.

              "No, it was the absolutist's rejection of the compromise that led to the end of slavery. Your attempted rewrite of history is very telling."

              Fail. The point is that the law changed, the rules changed, and the absolutists looked less and less as the good guys. It was clearly enough of an issue to go to war about.

              "Like the abolition of slavery. What a disaster, huh?"

              Like civil war. Nice try on all the trolling, but it's not working.

              reply to this | link to this | view in chronology ]

              • identicon
                Trolls. You Gotta Love 'Em, 13 Mar 2016 @ 5:43pm

                Re: Re: Re: Re: Re: Re:

                Whatever is floundering. He's lost track of his point and has found himself deep into mounting a defence of slavery and a criticism of abolitionists. He's asserted that it would be better to still have slavery if it meant averting the civil war. Get your popcorn folks - if he sticks around on this thread, we'll have another all-out meltdown from him soon.

                reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 14 Mar 2016 @ 3:58am

                Re: Re: Re: Re: Re: Re:

                My assumption is that the slaves were a given situation, and the work was to resolve the issue.

                Yeah, by allowing it to continue.

                The point is that the law changed, the rules changed, and the absolutists looked less and less as the good guys.

                Dang those abolitionists, they just couldn't compromise, could they?

                Nice try on all the trolling, but it's not working.

                More like turning the light on a cockroach. And you do seem to be scurrying.

                reply to this | link to this | view in chronology ]

      • identicon
        Rekrul, 14 Mar 2016 @ 6:29pm

        Re: Re:

        So rather than slam the President for trying to find some functional middle ground, stop and think that perhaps your view is a little too extreme and little bit too unyielding. The solution lies not with him, it starts with you.

        Obama isn't some saint who is trying to buck the system to do what he can. He was the one who argued in favor of the indefinite detention provision of the NDAA, which violates the 5th and 6th amendments. Plus, you know all that spying on Americans that the NSA has been doing and which the government refuses to stop? Obama is on the verge of finalizing a plan to allow the FBI, CIA and other agencies access to all of that raw data as well, effectively giving them the same spying capabilities as the NSA. Not to mention that his "most transparent administration in history" has basically been waging a war against whistle blowers and freedom of information.

        So forgive me if I don't believe that he's some shining beacon of sanity, preaching a rational solution to all of use crazy absolutists.

        reply to this | link to this | view in chronology ]

      • icon
        Ninja (profile), 15 Mar 2016 @ 8:02am

        Re: Re:

        Dude, you are a paragon of cognitive dissonance.

        reply to this | link to this | view in chronology ]

    • identicon
      David, 13 Mar 2016 @ 7:54am

      Re:

      He is not all that bad as a propagandist.

      Words you find you agree with followed by non-sequitur bullshit.

      Trump does it like that as well.

      One could almost think that "Mein Kampf" has run out of copyright and nobody is afraid of using its tactics any more.

      reply to this | link to this | view in chronology ]

  • icon
    TruthHurts (profile), 12 Mar 2016 @ 9:01pm

    Self Incrimination and the if I'm dead I can't answer your questions...

    One of the major things to think about these days is that the amount of information needed just to do our daily tasks is often well beyond what a person can keep readily at hand in their memories.

    This code, that password, this identifier, etc...

    Enter the personal information device, aka Smart Phone, which from here on I will refer to as a "port-a-mind".

    These devices become extensions of our minds, storing vast amounts of data, some of which is extremely personal and or confidential.

    Yes, some people store things they shouldn't. Just like people know things they probably shouldn't because the knowledge can only be gained by doing something illegal.

    The thing is that up until recently, if you were arrested and dragged in to court, you could plead the 5th. Sure, it makes you look guilty as hell, but you could do it and nobody, including the judge can force you to answer.

    A person's spouse can also not be coerced into answering questions as that is protected against as well.

    So why isn't a person's port-a-mind protected as well? Remember, the port-a-mind is that extension of the person's mind for the digital age which is almost a requirement to remember all those digital bits and pieces of information necessary to interact with doctors, lawyers, schools, government entities, pretty much anyone these days.

    That's where encryption comes in. Strong, unbreakable (without uber quantum computers able to handle billions of quarthian strands) encryption, that cannot be coerced or forced into giving those answers that you refuse to give.

    With encryption, our port-a-minds are safe to use and can store confidential information with impunity. We're safe knowing that no-one can get our data without our consent, extending the 5th amendment to our digital data.

    Without encryption, or with encryption that others can break against your will, port-a-minds are useless.

    Without these port-a-minds, many people's daily lives will become more frantic, panic filled as they forget key pieces of data that now have to be indelibly etched into their wetware.

    So, Mr. Obama, you can either have encryption, or you cannot.
    Encryption can only be considered encryption when no-one that you have not authorized can decrypt the data.

    There is no balance, it is and will always be an absolute.
    Black or White - no grey.
    Encryption / Not Encryption, or to quote an extremely old and extremely wise muppet with the power to lay the white-house to waste with a wave of his little green hand, "Encrypt or encrypt not, there is not try."

    In another form of word play, "You can pry the decryption keys from my cold, dead - ohhhh, that's right, you can't now can you assholes!"

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 8:26am

      Re: Self Incrimination and the if I'm dead I can't answer your questions...

      These devices become extensions of our minds, storing vast amounts of data, some of which is extremely personal and or confidential.
      Entick v Carrington 19 Howell’s State Trials 1029 (1765)
      Lord Chief Justice Camden's Judgment—
       . . . Papers are the owner’s goods and chattels. They are his dearest property; and are so far from enduring a seizure, that they will hardly bear an inspection; and though the eye cannot by the laws of England be guilty of a trespass, yet where private papers are removed and carried away, the secret nature of those goods will be an aggravation of the trespass, and demand more considerable damages in that respect. Where is the written law that gives any magistrate such a power? I can safely answer, there is none; and therefore it is too much for us without such authority to pronounce a practice legal, which would be subversive of all the comforts of society.

      But though it cannot be maintained by any direct law, yet it ears a resemblance, as was urged, to the known case of search and seizure for stolen goods. . . . The practice of searching for stolen goods crept into the law by imperceptible practice. It is not the only case of the kind that is to be met with. No less a person than my lord Coke denied its legality; and therefore if the two cases resembled each other more than they do, we have no right, without an act of parliament to adopt a new practice in the criminal law, which was never yet allowed from all antiquity. . . .
      (Note that this famous case is also reported at 95 Eng. Rep. 807. As was the custom of the time, the reports of the case do differ in their expression.)

      Papers are the owner's … dearest property; and are so far from enduring a seizure, that they will hardly bear an inspection.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 8:40am

        Re: Re: Self Incrimination and the if I'm dead I can't answer your questions...

         (
        (Note that this famous case is also reported at 95 Eng. Rep. 807. As was the custom of the time, the reports of the case do differ in their expression.)
        Orin Kerr: “Identifying the Most Important Version of Entick v. Carrington
        From 1800 to 1840, there are about a dozen citations to Entick that make it into the database. But they mostly cite to another reporter: The citations were to “2 Wils. 275,” a reference to Mr. Serjeant Wilson’s Reports.
         )

        reply to this | link to this | view in chronology ]

  • identicon
    posty, 12 Mar 2016 @ 9:24pm

    I fixed Obamas video

    I re-cut this video to roughly say what he should have said.

    https://www.youtube.com/watch?v=yviJfcfBNew&feature=youtu.be

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Mar 2016 @ 10:27pm

    Examples of past failures when keys leak...

    While I haven't read all of the Apple/DOJ filings and briefs.

    I can't believe that most if not all techie sites have not kept hammering on the fact that different types of "backdoors" HAVE been implemented in the past by private industry. And while I can't say all implementations have run into trouble, I can say that one glorious example of failure is the HDMI - HDCP protocol.

    I was in the "industry" when this happened and all manufacturers' had to acknowledge that we would not encode the master the key into our devices and that any such act would result in breach of contract and potential legal action...etc etc

    The "'governments'" as usual, and not just the U.S., are just looking for quick solutions that allow for *cough* due process of law *cough* as defined under vague and blithely ignorant language.

    My point is, why aren't more examples of these attempts or past implementations, that at one time must have been thought 'somewhat' secure by the companies/organizations that implemented them, being raised as examples of precedent failure? How many times has the Entertainment industry tried to implement DRM and failed? How much have they spent? If such a mechanism could be implemented private industry would have already found it.

    I was hoping to find an example of where previous private industry efforts have been brought forth to the government as cautionary anecdotes of these schemes.

    I did find an excellent paper here: http://dspace.mit.edu/handle/1721.1/97690 discussing the difficulties and challenges of what the government is asking of the technical communities. Yet, still no mention of private industry attempts and failures. The paper does mention the "Clipper" chip but this was never fully implemented.

    Alternatively, let's suppose the governments' in the not so distant future have been able to implement such a scheme. So our banking systems, personal computers, phones etc all have some type of 'backdoor' mechanism baked into the design. Then any one or more of these "security algorithms" is leaked, by whatever means. What are the governments' going to do then? Wouldn't this be a perfect pretense for an "Internet Kill Switch"? I mean in order to "protect" us.

    Am I missing something? I mean is there a reason that the failed attempts by private industry to do the same or similar things the governments' are requesting are not being trotted out ad infinitum?

    As Buzz LY would say "...to infinity and beyond." ;-)

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Mar 2016 @ 12:03am

      Re: Examples of past failures when keys leak...

      With respect to DRM, key leakage is inevitable, as the recipient and the attacker are the same person.

      However, the thing that you are missing is that very strong (effectively unbreakable), and theoretically unbreakable (one time pads) cryptography already exist. Therefore, forcing people to use some form of system that gives government access to encrypted material only gives them access to the material of law abiding people and stupid criminals. The latter can almost always to caught and convicted without reading the contents of their phones and computers. Anybody who is really determined to keep material secret from the government can, although it is not easy to do.
      From what I see, modern governments are scared of their own citizens forcing them to actually represent them, or throwing them out of office. They think that they can control their citizens and society, but the harder they try to do this, the greater the chance of them being overthrown by violent revolution, or an internal coup. (Look at how often senior part members get removed from power, and thrown into jail in one party states).

      reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 13 Mar 2016 @ 7:24am

      Re: Examples of past failures when keys leak...

      We have a ton of examples of this. Probably the best known example to the general public is the CSS used in DVD encoding.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 13 Mar 2016 @ 1:24am

    The most famous backdoor...

    I wonder why so few people want to talk about the famous failed backdoor we already gave them in the 'war on terror'.

    The vaunted keys to luggage.

    We HAD to give them a way to access luggage, they promised to only use them for good. Anyone who wants to can now have a copy of all of the keys because they failed to secure them. Hell half of the time they still just cut the locks open because its faster than following procedure.

    Not even touching on all of the theft that went on (and was covered up/ignored/denied) they failed to secure this secret and they want us to give them wide ranging access.

    Perhaps maybe they need to consider they haven't proven they can handle responsibility. They secretly spy, they secretly hack, they secretly scoop up everything then pretend they didn't do it even in the face of 'evidence' they deny is real (yet want to imprison the leaker forever after torturing him).

    Giving them the backdoor to luggage hasn't made anyone safer yet they won't see anything but demanding more backdoors they don't understand, won't protect, & will not do anything but slide us further towards everything we were founded not to be and call out in other nations.

    reply to this | link to this | view in chronology ]

  • identicon
    Lurker Keith, 13 Mar 2016 @ 4:21am

    Quantum Encryption

    If the Government is this upset about flawed, but mostly strong encryption now, what are they going to do once Quantum Encryption becomes viable & cheap enough to use for phones & the internet?

    Once Quantum Entanglement reaches the point of practical applications, it becomes one of the best ways to do data transfers, since there will be no middle to be attacked.

    We'll move from "that isn't how Encryption/ Math works" to "that violates the Laws of Physics".

    reply to this | link to this | view in chronology ]

    • identicon
      Digger, 13 Mar 2016 @ 9:27pm

      Re: Quantum Encryption

      You forget the other thing that quantum entanglement will bring.
      Ansible like communication that "CANNOT" be eavesdropped on.

      No more cell towers, no more ISPs, just connections to regional datacenters where half of your device token resides, the other half being in your device.

      No matter how far away you are, even on the other side of the galaxy, instantaneous, secure, communications.

      Of course, this only works out to be true *IF* the NSA/CIA/FBI/Fatherland Security doesn't turn them into triplicate entangled components. 1 for device, 1 for DC, 1 for Alphabet agencies.

      reply to this | link to this | view in chronology ]

  • identicon
    Rob, 13 Mar 2016 @ 5:51am

    The Puzzle Pieces that Obama is Missing in the Apple Encryption Debate

    President Obama is missing some details. I do not blame him for seeking extra information, but it is hard for me to believe he has not yet heard it from his technical advisors. I will concede that there is one situation in which we all should work together to decrypt a phone.

    However, mandating government backdoors is, on balance, only going to make us less secure.

    Here is my full response to his position: https://pastelink.net/1555

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Mar 2016 @ 6:57am

    Re: government cannot just willy nilly get into everyone's iPhones,

    What makes them think this is about THEM?

    The Fed is compelling a third party (whose budget exceeds that of many countries) to facilitate investigatory duties without direct federal oversight. The liability here isn't just related to this case, it is also the internal security problems this potentially creates at Apple. How exactly does the fed plan on preventing employees at Apple from exploiting this functionality on behalf of say, a wall street executive with a fat bankroll?

    And isn't that exactly the current problem with ISP's using surveillance apparatus (originating from government funded R&D) for commercial surveillance today?

    If your going to draft people into compulsory service, call it that. But stop playing on both sides of the line. Either the carrier/developer is agency of state, or their testimony is compelled, NOT BOTH. By straddling the line the government is endowing carriers/developers with sovereign authority, while denying the citizens any recourse for dealing with that authority.

    You are screwing with checks and balances here.

    Obama. Please stop whining about Snowden. Everyone knew what was going to happen when Bush consolidated intelligence agencies. While Snowden may have been the defining cultural event, it wasn't the defining event. The Snowden leaks where the result of many bad decisions, several of which were made in the executive branch.

    This isn't just about Federal violations of civil rights. It is in fact mostly about commercial sector violations of civil rights. Obama, you are steward of the WHOLE Constitution, not just the part that makes your life easier. Please take that into consideration, and reevaluate the problem.

    Of course the whole thing could be kabuki theater. They may be playing to the media for drama and national attention, then decide for Apple, but with a judicial decision that also gives the fed a blank check to violate all kinds of other civil rights. The people stop bitching, and business goes on as usual. Perhaps the plan here is to feed the beast a box of rocks and keep the steak for themselves?

    It isn't going to work if that's the case.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Mar 2016 @ 7:17am

    "...it wasn't because strong enforcement stymied them,..."

    You mean "strong encryption", eh?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Mar 2016 @ 7:20am

    The powers that be, who've made provision for black-boxing their own data for years, do not want us doing the same. Tough. Top-Secret a two-edged sword, and their attempt to dull the other side is not only obvious & impossible, it's desperate & embarrassing. We will not dull our blades for you, regardless of your tired McGuffins.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Mar 2016 @ 12:51pm

    Encryption is like anal sex. Either you have penetration or you do not. There is no middle ground. There is no "just the tip"

    Suggesting that encryption still has value if others can easily crack it turns encryption into a false sense of security.

    reply to this | link to this | view in chronology ]

    • icon
      Whatever (profile), 13 Mar 2016 @ 5:29pm

      Re:

      "Suggesting that encryption still has value if others can easily crack it turns encryption into a false sense of security."

      You are falsely assuming that any backdoor would be easily cracked. As I mentioned above, it could be something that requires many steps, including physical possession of the phone, and then only discloses the pincode and not the actual decrypted data. By securing the pincode process to enforce "from the device input screen only" would make it significantly harder (never impossible) to not only crack, but to actually implement. Imagine if you will a backdoor that requires a dongle or other physical means. There are plenty of options - once you get off the absolutist position that nothing is possible and start thinking.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Mar 2016 @ 5:40pm

        Re: Re:

        Dude! A dongle? Seriously?

        What if a foreign agent (or even a terrorist) silently infiltrates the FBI and clones the dongle?

        What if a misguided but otherwise well-intentioned whistle-blower accidentally leaks the key, part of the key, the random seed, or even just data on the used algorithm?

        What if a Chinese hacker poses as an attractive lady enticing some dude to open a photo that breaks the system and steals the key?

        reply to this | link to this | view in chronology ]

      • identicon
        Trolls. Smarter Than Everyone!, 13 Mar 2016 @ 5:46pm

        Re: Re:

        Every encryption expert in the world: "This is not possible."

        Whatever: "Pretty sure my vague idea based on minimal technical understanding has solved the problem."

        Welp, I'm convinced!

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Mar 2016 @ 1:13am

        Re: Re:

        As I mentioned above, it could be something that requires many steps, including physical possession of the phone,

        The whole idea behind encrypting the phone contents is to ensue nobody but the owner can gain access to the contents. The FBI want to remove that protection so that they have access to the content almost as easily as the owner, which will rapid;y result in thieves having access to the content of stolen phones, along with any bank accounts etc.
        Similar encryption ion communications is meant to ensure that only senders and recipients can read the messages. Any suggestion that only the device provider can get at the contents with a warrant is laughable,as the would soon face so many demands that they would be forced to hand keys over to the agencies to save costs, and at that point the warrant requirement would vanish.
        Ensuring that the FBI, and other agencies can get at phone contents, or read messages is defeating the purpose on encryption, which means that such encryption is broken by definition.

        reply to this | link to this | view in chronology ]

      • identicon
        AJ, 14 Mar 2016 @ 5:34am

        Re: Re:

        I see where you are getting confused Whatever.

        The basic principal of encryption is; Encryption is an absolute. You are either secure or not secure. If it is not secure, then you must assume at all times that it is not secure. There is no such thing as "mostly secure".

        If they create the possibility of even a multi step backdoor, someone will crack it. Look at the many many fine examples of our government trying this very thing. Here's one example; Try Google'ing Luggage master keys.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Mar 2016 @ 11:51am

        Re: Re:

        You are falsely assuming that any backdoor would be easily cracked.

        Perhaps, in your non-absolutist wisdom, YOU can come up with an adequately backdoored law-enforcement-friendly phone.

        It could be beta-tested with law-enforcement, law-enforcement officials, Congress, and anyone else claiming it's necessary for our own good. Assuming they trust the security, as we would be expected to, they should have absolutely no issue with putting their personal information at risk.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Mar 2016 @ 5:35pm

    Let's REALLY go through this line by line.
    Movie sins style:

    Let's go through this line by line.
    All of us value our privacy. And this is a society that is built on a Constitution and a Bill of Rights and a healthy skepticism about overreaching government power. Before smartphones were invented, and to this day, if there is probable cause to think that you have abducted a child, or that you are engaging in a terrorist plot, or you are guilty of some serious crime, law enforcement can appear at your doorstep and say 'we have a warrant to search your home' and they can go into your bedroom to rifle through your underwear to see if there's any evidence of wrongdoing.


    All of us value our privacy.

    The good old "we know X is important BUT...". Ding.

    And this is a society that is built on a Constitution and a Bill of Rights and a healthy skepticism about overreaching government power.

    Appeal to old, scared people. Try to sound patriotic. Ding.

    Before smartphones were invented, and to this day

    Again, appeal to old, scared people. Also F***ing magnets, how do they work? Ding. Ding. That's 2 sins for repeating yourself

    if there is probable cause to think that you have abducted a child

    The "someone think of the children" argument. +4 sins

    or that you are engaging in a terrorist plot

    Oh for f**k's sake! +4 sins

    or you are guilty of some serious crime

    Translation "we're really scraping the bottom of the barrel here guys". +2 sins

    law enforcement can appear at your doorstep and ...

    Blow up your door and blind your kid with a flashbang ?

    ... say 'we have a warrant to search your home' and they can go into your bedroom to rifle through your underwear to see if there's any evidence of wrongdoing

    Real terrorists keeps their detailed plans in the same drawer as their knickers.

    +1 sin for the sheer stupidity of it all

    Total: 17 sins.
    Sentence: "We aren't seeking a back-door approach. We want to use the front door, with clarity and transparency, and with clear guidance provided by law."

    reply to this | link to this | view in chronology ]

  • identicon
    mb, 14 Mar 2016 @ 8:02am

    The Real Solution

    The real solution here, is to to legislate liability and ciminality to software developers for bad security. If software did what it was supposed to AND reliably, hackers disrupting our power grids and air traffic control would not be a big concern because you could be damned certain that software would be a lot more secure if companies like Microsoft had to pay the actual damages incurred by their shitty software, and maybe some jail time as an accessory to the crime.

    Security is an afterthought to most software design because it isn't economical when you need to rush the product out the door to meet some marketing schedule.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Mar 2016 @ 8:29am

      Re: The Real Solution

      Sure manufacturers could provide their device/OS "uninitialized" and force the user to set a password the first time it's used, but how many users would go for something like "1234" or "qwerty" as opposed to an actually secure password.

      So if the user sets "admin1234" as a password is it still the security vendor's fault?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Mar 2016 @ 9:21am

      Re: The Real Solution

      The real solution is to keep critical infrastructure from being managed over the Internet.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Mar 2016 @ 10:01am

        Re: Re: The Real Solution

        The real solution is to keep critical infrastructure from being managed over the Internet.
        Horse. Barn. Thataway ↣

        Cybersecurity Framework
        Overview

        Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure . . .

        reply to this | link to this | view in chronology ]

  • identicon
    Anon, 14 Mar 2016 @ 8:30am

    I'm sure

    I'm sure America is also working to a common ground instead of absolutist positions on abortion - where there's a way that my teen daughter or my neighbor's can get the abortion needed so her chances for a good education and college are not compromised, but all those terrible people who want to kill babies just for convenience are unable to do so.

    (Hint - sarcasm)

    reply to this | link to this | view in chronology ]

  • identicon
    Kendall, 14 Mar 2016 @ 4:19pm

    How is this better?

    How is it better that Obama seems to acknowledge and understand the argument tom the the cryptologists, when he rejects it wholesale?

    Is it not better to imagine some other candidate who does NTO seem to fully understand the issue might in fact be brought to see reason?

    The only candidate at the moment we know absolutely cannot see reason on this point is Clinton; she and her husband supported the Clipper Chip after all. So they know all too well the argument at hand and are working bring back Clipper in another form...

    reply to this | link to this | view in chronology ]

  • identicon
    Mike Del Sol, 15 Mar 2016 @ 12:11am

    Backdoors and Front doors

    Your strong encryption is running in powerful hardware which contains backdoors placed at the best of the governments where the hardware was made or designed. But don't worry, the NSA doesn't share with the FBI.

    reply to this | link to this | view in chronology ]

  • identicon
    NateWhilk, 15 Mar 2016 @ 12:33pm

    The tables have turned.

    ' The President is discussing this like it's a political issue rather than a technological/math issue. People aren't angry about this because they're "extremists" or "absolutists" or people who "don't want to compromise." They're screaming about this because "the compromise" solution is dangerous. '

    He does this all the time. Now it's directed at you. Are you having fun yet?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Caution: Copyright
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.