Despite Stream Of Leaks Exposing Tremendous Gov't Surveillance Capabilities, James Comey Still Complaining About 'Going Dark'
from the really-just-working-with-a-single-talking-point-these-days dept
Following the Shadow Brokers' partial dumping of NSA exploits, a new batch of CIA exploits has hit the web via Wikileaks. Contained inside both sets of leaks was information explaining why encryption isn't much of a problem for the intelligence community. The NSA has put plenty of time and money into breaking encryption, but much of its Tailored Access Operations -- much like the contents of the CIA dump -- involve access efforts that bypass encryption completely by making themselves at home on the targeted hardware/device.
Despite these leaks, FBI Director James Comey is still insisting encryption is a problem. In his recent appearance at Boston College's cybersecurity conference, Comey had this to say:
[C]omey said that he a fan of "strong encryption" but noted that "it is making more and more of the room of what the FBI investigates dark."
Between September and November, the FBI received 2,800 devices it had lawful authority to open but could not open 1,200 of them "with any technique," he said.
Comey (again) called for "balance," a term he never bothers to define, but hints heavily at private companies being made to play by his rules, rather than offering any form of compromise from his end.
And it's partially true: devices seized after an arrest can't be forced open by exploits. The exploits need to be present on the devices first. But investigations always precede arrests. At this point, efforts can be made to target known devices to provide access during the investigation and prevent them from being locked up once they're seized. The legal framework, unfortunately, doesn't really exist at this point, but a lack of specific permission has never stopped the FBI from acting first and litigating later.
The FBI also has expanded access to the NSA's full-take surveillance programs, thanks to the recent lifting of restrictions. Nearly every phone utilizes the internet in some way, which would expose data and communications to the NSA's taps. This won't capture everything stored on devices, but it's far more info than the FBI would have otherwise. Comey's repeated complaints about "going dark" make less and less sense every time a new surveillance secret leaks.
Every new surveillance leak points to another disturbing fact: the FBI's promises of security and safety -- in reference to courtroom requests for "technical assistance" from device manufacturers -- are bullshit. If the NSA and CIA can't keep their exploits out of the public's hands, there's zero chance the FBI would somehow keep leakers and/or criminals from obtaining its cell phone-cracking secrets. The only balance that can be achieved by undermining device encryption is one where everyone loses.