
Justice Department Revives Push To Mandate a Way To Unlock Phones (nytimes.com) 171

"FBI and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such 'extraordinary access' to encrypted devices," reports The New York Times (alternative source), citing people familiar with the matter. Justice Department officials believe that these "mechanisms allowing access to the data" exist without weakening the devices' security against hacking. Slashdot reader schwit1 shares the report: Against that backdrop, law enforcement officials have revived talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms. The Trump White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem, officials said. The FBI has been agitating for versions of such a mandate since 2010, complaining that the spreading use of encryption is eroding investigators' ability to carry out wiretap orders and search warrants -- a problem it calls "going dark." The issue repeatedly flared without resolution under the Obama administration, peaking in 2016, when the government tried to force Apple to help it break into the iPhone of one of the attackers in the terrorist assault in San Bernardino, Calif. The debate receded when the Trump administration took office, but in recent months top officials like Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the FBI director, have begun talking publicly about the "going dark" problem. The National Security Council and the Justice Department declined to comment about the internal deliberations. The people familiar with the talks spoke on the condition of anonymity, cautioning that they were at a preliminary stage and that no request for legislation was imminent. But the renewed push is certain to be met with resistance.
This discussion has been archived. No new comments can be posted.

  • Impossible (Score:5, Insightful)

    by b0s0z0ku ( 752509 ) on Sunday March 25, 2018 @12:40PM (#56323283)

    This is basically impossible without banning general-purpose computing devices entirely. Even if phones have a backdoor, what's to stop someone from loading a Linux variant designed outside the US onto a laptop and using it for secure communications?

    Entirely banning "unhackable" communication would require a walled garden that looks more like Alcatraz for every single compute device sold in the world.

    • Re:Impossible (Score:4, Informative)

      by brian.stinar ( 1104135 ) on Sunday March 25, 2018 @12:57PM (#56323345) Homepage

      Electronic Frontier Foundation laughed. 'There's no use trying,' she said. 'One can't believe impossible things.'

      'I daresay you haven't had much practice,' said the Justice Department. 'When I was your age, I always did it for half-an-hour a day. Why, sometimes I've believed as many as six impossible things before breakfast.'

    • Quite possible ... (Score:5, Informative)

      by drnb ( 2434720 ) on Sunday March 25, 2018 @01:08PM (#56323411)
      You misunderstand. It's not necessarily about being hackable or backdoored. There is no need to remove the current level of encryption and digital signatures and other technical security features, nor is it necessary to prevent further advances in these areas. All that government would need to do is require Apple/Google/Microsoft/etc to archive your passcode, and give up your passcode when presented with a warrant. Yes, that is not desirable. However it is not "banning unhackable communication".
      • What if you're running an OS where Apple/M$/Google/etc is not privy to your LUKS passphrase? Will this ban any OS that doesn't require a "cloud" login?
        • by drnb ( 2434720 )

          What if you're running an OS where Apple/M$/Google/etc is not privy to your LUKS passphrase? Will this ban any OS that doesn't require a "cloud" login?

          What I referred to is not a cloud login. It's a one-time archiving of your "passcode" when it is initially set or changed. Day-to-day passcode use would remain offline.

          Is this a problem for open source, yes, but that is something separate from technical feasibility. Is this a problem for Linux users, possibly not for many. Red Hat, Canonical, etc could archive things just like Apple, Google, Microsoft, etc.

          Again, none of this is desirable. I'm just arguing against the notion of "impossible". If you don

          • Sure, but Linux is open-source. What's to stop someone from writing, downloading, and/or installing an "unapproved" distro that doesn't archive passcodes? Or just disabling whatever is responsible for archiving the passcodes. Not all Linux variants are released by companies subject to US jurisdiction.

            Unless they're willing to dictate that all hardware sold in the US (or worldwide!) has to be designed to only run approved OS's.

            • by drnb ( 2434720 )
              What would stop it? Your hardware vendor requiring a properly signed kernel. Don't Red Hat and Canonical already offer signed kernels to support "secure boot"? As I said, it's a problem for open source, not necessarily Linux users.

              Would the government care if there is a black market for hardware not implementing some sort of "secure boot"? Doubtful. Few criminals will have them and mere possession of them can itself be a criminal offense by which they can take you off the streets.

              Again, not a desirab
              • Requiring "secure boot" on all hardware would screw over anyone who's doing Linux (or other) kernel development in the US. Besides, there's a lot of existing non-secure-boot hardware capable of communication floating around. Not like it's going away any time soon.
                • by drnb ( 2434720 )
                  For day-to-day development and debugging the kernel developer can use a virtual machine.

                  For external testing kernel developers could register with Red Hat, Canonical, etc and submit their binaries for signing. The signing process could limit the key's use to the developer's and external tester's registered hardware. This sort of stuff already exists, Apple's Ad Hoc distribution for iOS works in this fashion. Apple signs the developer's binary via a web based process and now the developer and their exter
                  • Unless the hardware with the VM running on it has a logger built in, what's to stop people from just running an encrypted VM?
                    • by drnb ( 2434720 )

                      Unless the hardware with the VM running on it has a logger built in, what's to stop people from just running an encrypted VM?

                      Nothing. Just like there is nothing to prevent you from encrypting your data independently of OS supplied and automatic disk encryption/decryption, independently of your cloud storage provider's automatic encryption. So yes, you can still beat the feds, but that's a different argument than "it's impossible" or "it will kill open source", a better argument to pursue.

              • We have been through this before, when the US government decided that strong encryption was a weapon, and could not be exported.
                They lost then and they will lose this fight also because the rest of the world know how to do maths and can't really prevent Americans getting access to the results.
                This explains the stupidity [wikipedia.org] pretty well.
                • by drnb ( 2434720 )
                  You are offering a "weaken the encryption" argument in a "company must archive decryption keys" discussion. These are two different things. The latter does not require the former.
                  • by pnutjam ( 523990 )
                    The latter is de facto the former.
                    • by drnb ( 2434720 )

                      The latter is de facto the former.

                      Not really. You confuse cryptographic strength with decryption key management. Two different things.

                    • by pnutjam ( 523990 )
                      In the real world, a weak key is identical to an easily stolen key. They are the same, even if they are technically different.
                    • by drnb ( 2434720 )

                      In the real world, a weak key is identical to an easily stolen key. They are the same, even if they are technically different.

                      Not really. With a weak key the encryption may be defeated by anyone with sufficient computational power. That is something quite different than a stolen key, the computational power being much more attainable.

                    • by pnutjam ( 523990 )
                      And a stolen key can be passed around just as easily as a broken weak key.
                      Both are unacceptable and the internet will route around such requirements.
                    • by drnb ( 2434720 )

                      And a stolen key can be passed around just as easily as a broken weak key. Both are unacceptable and the internet will route around such requirements.

                      A stolen key can be easily invalidated and replaced. Quite different than a weak key.

                    • by pnutjam ( 523990 )
                      Not if it isn't under your control.
                    • by drnb ( 2434720 )
                      Keys not under your control are invalidated and replaced quite regularly.
                    • by pnutjam ( 523990 )
                      We're talking about an escrowed key service installed by a manufacturer as a backdoor, keep up. How would you know it was compromised?
                    • by drnb ( 2434720 )

                      We're talking about an escrowed key service installed by a manufacturer as a backdoor, keep up. How would you know it was compromised?

                      Actually that is precisely NOT what we are talking about. Read start of thread, it specifically says this does not require a backdoor, merely one-time archiving of your "passcode" when it is initially set or changed. Manufacturer backdoor is a long debunked assumption.

      • So, we will end up with a black market selling older permanently lockable phones to those who do NOT wish to share their secrets with the FBI, KGB, NSA, local law enforcement and the weird kid down the street? Here's your chance to make a killing folks. Get in early. Business Plan? When a decision is needed, just ask yourself -- "What would Uber Do?"

      • And if Apple/Google/Microsoft/etc don't have your passcode? There's lots of high quality encryption out there, freely available, for which the keys never leave your control.

    • by gweihir ( 88907 )

      These are politicians and career civil servants. They do not have any understanding of the concept of a "fact". There is also the little problem that as soon as a backdoor is implemented, nobody sane will store anything of value on phones anymore. But that is even worse than a "fact", it is a "deduction". The morons making laws do not even know that can be done.

  • by OffTheLip ( 636691 ) on Sunday March 25, 2018 @12:45PM (#56323303)
    I'd expect the issue to surface as many times as necessary until the Justice (lol) Department gets what they want.
    • So how do we fix it? How do we get a government that respects its citizens' privacy?

      • Campaign finance reform, replace First-Past-the-Post (e.g. with Instant Run-off), draw districts mathematically (e.g. with the shortest split-line method), and make all primaries in every state open to any registered voter.

        Right now we have a system where the incumbency rate is at (or near) an all time high while the approval of Congress is at (or near) an all time low, so why should they give a shit what citizens think?

        • I dislike open primaries, because it encourages spoilers. If there's, say, two strong Democrats in a primary (who I'll arbitrarily call Fraser and Short), and one Republican who is pretty well going to win (call him Durenburger), there's a strong incentive for Republicans to vote for the weaker Democrat in the Democratic primary. I don't actually know if Short won because of Republicans, but there was something of a push for them to do so.

          Proportional representation is also a possibility. By my readin

      • You have to get ahead of your government.

        Or... more likely a few heads.

    • by gweihir ( 88907 )

      The enemies of freedom have a really high level of persistence, so yes.

  • by Anonymous Coward

    They do not give a crap about EU rules. Yes they are probably bugged by China, but China does not give a crap about me either.
    Let the Chinese and EU/US spies beat the crap out of each other. If I can support them ruining each other, then as long as it happens without affecting me much, I'm all for it. They're all bastards, no matter the country.

    And yes: If I had to move to China, I would probably buy a US/EU phone :)

    • by arth1 ( 260657 )

      They do not give a crap about EU rules. Yes they are probably bugged by China, but China does not give a crap about me either.

      That makes China slightly better - the government where you are tends to give a bigger crap, and not just about you but sometimes directly on you. China may at most be amused at what you do, but your local government can actually use that data against you or those you network with.

    • I'm actually hoping that Iran at some point in time starts assembling phones, I'd get one immediately.

  • This should be easy- just find a way to invalidate the basic laws of physics and mathematics, and voilà, you got it!

  • Current crypto isn't good enough. No amount of talking to consumer tech / engineers / "security researchers" will make it work.

    Like moving from symmetric key to asymmetric key, a whole new way of doing crypto mathematics will be needed to solve this. So get some mathematicians on super-magic-only-good-guys-can-spy algorithms.

    • The mathematicians already know that this is impossible. Remember that in Math, unlike Science, it is actually possible to disprove the negative. "New math" cannot destroy "old math" (provided the old math is proven).

      The concepts of Perfect Secrecy and Information-Theoretic Security have been PROVEN. No matter what you do, introduction of a "master key" or similar idea will always make the scheme insecure.

      It's like you're telling mathematicians to find a number which can be expressed as 2 different products

      • by Balial ( 39889 )

        ... and when they talk to the mathematicians, perhaps they'll give them the answer you gave ;)

      • ...except that no ciphers anyone actually uses are perfectly secret anyway, so I'm not sure what your point is. As soon as you decide the OTP is too difficult to use then you leave the world of provable encryption and enter reality.
        • Information theoretic security is based on the idea of OTP/perfect secrecy, but they are not the same. I never said they were.

          E.g. RSA is thought to be ITS, but it is definitely not an OTP.

          • No, no, no. A thousand times no. Information theoretic security means that no matter how much computational power you have you cannot break it, because you are fundamentally missing some information that is necessary to determine a unique solution. RSA is not that. No ciphers in use are that, except the OTP.
            • To look at it another way, decryption is in NP. It has to be efficient (P) to decrypt given the key. Therefore, the hardest any crypto algorithm can be (except something like the one-time pad) is NP-complete. We don't know that large NP-complete problems are impractical to solve, although it sure looks that way, and I don't know of any crypto that's been proven NP-complete.

              If you could prove that, say, AES-256 can't be solved without something more or less equivalent to trying all the keys, that woul

              • What are you trying to convey with this comment? I don't get how that has anything to do with what I said.
            • Sorry, I meant "Unconditionally Secure", not ITS. Again, RSA is only thought to be, not proven to be.

              • That is also not true. It is SUPER conditionally secure. That condition even has a name: the RSA assumption [wikipedia.org]. I'm not sure at this point what you are even trying to argue.
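An added illustration of the distinction argued over in the sub-thread above (it is not part of any commenter's post): a cipher with a small key space leaves exactly one plausible reading after exhaustive search, while a one-time pad ciphertext is consistent with every message of the same length. The sample messages, the 2-byte repeating key and the `looks_like_english` recogniser are constructed for this example.

```python
import itertools
import secrets

ALPHABET = set(b"ABCDEFGHIJKLMNOPQRSTUVWXYZ ")


def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter than data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def looks_like_english(text: bytes) -> bool:
    """Crude recogniser (assumption): upper-case letters and spaces only."""
    return all(b in ALPHABET for b in text)


def brute_force_short_key(ciphertext: bytes, key_len: int):
    """Try every key_len-byte key; keep decryptions the recogniser accepts."""
    hits = []
    for candidate in itertools.product(range(256), repeat=key_len):
        key = bytes(candidate)
        plaintext = xor(ciphertext, key)
        if looks_like_english(plaintext):
            hits.append((key, plaintext))
    return hits


def otp_key_for(ciphertext: bytes, wanted: bytes) -> bytes:
    """Return the pad under which ciphertext decrypts to `wanted`."""
    if len(wanted) != len(ciphertext):
        raise ValueError("a one-time pad reading must match the ciphertext length")
    return xor(ciphertext, wanted)


if __name__ == "__main__":
    message = b"MEET AT DAWN NOW"        # constructed sample plaintext

    # Computationally bounded security: only 65,536 keys exist, and the
    # structure of the plaintext lets an exhaustive search single one out.
    weak_ct = xor(message, b"\x5a\xc3")  # constructed sample key
    print("short key, surviving readings:", brute_force_short_key(weak_ct, 2))

    # One-time pad: the pad is as long as the message, so a pad exists for
    # every same-length reading and the ciphertext alone cannot pick one.
    pad = secrets.token_bytes(len(message))
    otp_ct = xor(message, pad)
    for reading in (message, b"STAY HOME FRIDAY"):
        key = otp_key_for(otp_ct, reading)
        print(reading, "is explained by pad", key.hex())
```

Neither case says anything about RSA or AES, whose security rests on computational assumptions rather than on missing information.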
  • They seem to be collecting it all, anyway.
  • A simple fact that somehow seems to be very, very hard for some to understand. Or maybe they just don't want to understand it?
    • by gweihir ( 88907 )

      I think they do not have what it takes to understand. "We are the federal Government! We _define_ reality!" They pretty much belong into the loony-bin for the rest of their lives, because they are dangerously insane.

    • You could say the same thing about TLS. If Verisign can make valid certificates then everybody can. Oh wait that's not how it actually works... We should stop pretending that it is a simple situation with a simple answer because it isn't. There may very well be a secure way to implement backdoors. If you are really against the idea then you should be arguing the more salient point that they shouldn't be allowed to have a backdoor because government access is inherently not desirable/constitutional/what
  • The idea is to store an electronic key on the device that would be separately encrypted. This looks like a very bad idea as if the system writes that access key into the memory, this part is accessible physically. Whoever thought about this assumes that there is a decryption known only to the manufacturer or FBI which allows to unlock the device. What do you do if for some reason a third party finds out how to unlock or access it remotely? Suddenly, all phones, including the ones of the morons who came up with
    • This TLS is a bad idea. Whoever thought about it assumes that there is a private key known only to the certificate authority. What if for some reason a third party finds this key or accesses it remotely? Suddenly, all communications, including the ones of the morons who came up with the idea, will be wide open to everybody.
  • by nehumanuscrede ( 624750 ) on Sunday March 25, 2018 @02:54PM (#56323973)

    There is no stopping it. Either side.

    LE is going to keep pushing for it until they get it, Team FuckYou is going to keep writing workarounds to thwart it and the folks you want to catch with your new backdoor are simply going to cease using the compromised products altogether and find something else.

    Kind of makes me wonder the real reasons for banning Huawei phones from the US markets. National Security or the fact they won't play ball with the DOJ. . .

    • Both. At least from the perspective of the DOJ.

    • It's more a legal issue. The government can listen in on telecommunications, because a law called CALEA says telecommunications systems must be designed so the government can. It would be technologically easy to make systems that couldn't be tapped, but illegal.

  • by 93 Escort Wagon ( 326346 ) on Sunday March 25, 2018 @03:05PM (#56324033)

    “They included Ray Ozzie, a former chief software architect at Microsoft; Stefan Savage, a computer science professor at the University of California, San Diego; and Ernie Brickell, a former chief security officer at Intel.”

    I can’t speak to Professor Savage’s expertise; but just having these particular guys from Intel and Microsoft involved should scare the crap out of you.

  • If our government can enter a backdoor for plain old crimes, Russia and China can for reasons why we have a 4th Amendment -- spying on and hassling all who challenge their power.

    These are not things that disappeared 240 years ago. They are chronic problems that will exist forever, and if technology can perma-block bad governments, we should adopt it, not lament it.

    Each notch in the belt of an FBI agent or local police officer represents over 2.5 billion worldwide who live, and don't have to imagine "If you

  • Should we have freedom of privacy? My contacts, whether friends, family or business associates shall not be subject to government scrutiny.
  • by dweller_below ( 136040 ) on Sunday March 25, 2018 @08:34PM (#56325383)
    It's a Golden Age of Surveillance. We have widely deployed multiple forms of mass surveillance without once asking:
    • Is mass surveillance consistent with an assumption of innocence?
    • Is mass surveillance consistent with government that is based on the consent of the governed?

    Our personal information is widely available to multiple groups. The government has easy access to an almost endless amount of information about us. There is:

    • Collected credit-card purchasing information.
    • Collected cell-phone tracking information.
    • Real-time car tracking.
    • Collected browser activity from Google, Web sites, and search engines.
    • Collected travel information from hotels/airlines.
    • Mass monitoring of the Internet by the Intelligence community.

    The 3rd party doctrine roughly states that we can only assert a privacy right over information we directly control. If the information is shared with a 3rd party, then we don't control it, and we can't assert a privacy right over it. As the 3rd party doctrine has expanded, we have lost privacy over any shared information.

    Now, law enforcement wishes to move beyond the limits of the 3rd party doctrine. They advance the legal theory that we should not be allowed to control our own information/privacy AT ALL. They believe that the desires of law enforcement should always outvote an individual's desire for freedom, privacy or liberty. That we should never be allowed to be secret, private or alone.

    The proposals for "Responsible Encryption" are a simple end-run around the 1st, 4th and 5th amendments to the US constitution. Instead of debating this crap, we should be demanding stronger privacy protections. We need to restrict the 3rd party doctrine. We need to penalize any lawyer or judge who participates in granting "General" warrants. We need to restrain the Intelligence community from conducting mass surveillance on the US public.

  • We should also put listening devices in everybody's homes, just in case they are talking about a crime where the FBI cannot listen. (and no, I'm not talking Alexa, but who knows...)

    In case they are somewhere that electricity isn't, such as camping, we should have a government agent accompany everyone so that we can hear what they are talking about.

  • Justice Department officials believe that these "mechanisms allowing access to the data" exist without weakening the devices' security against hacking.

    Utter fucking bullshit. Because "Allowing access" is the bloody fucking definition of "weakening security". oh oh, but they claim "Against hacking". What they're trotting out is a system called "Symphony". It stores a copy of the keys. You want to send a secure message, you have to let symphony be able to read it. And everyone promises that these keys will only ever be read by police with a warrant. The vital question is "What if the symphony database gets hacked?" A whole hell of a lot of trading
