Wiretapping the Internet (schneier.com)
162 points by pietrofmaggi on Sept 30, 2010 | 38 comments



This is the sort of thing that we get told will make my job easier.

Take it from the horse's mouth; complete crap.

Which is why you probably won't find anyone in the security or forensics business that thinks this is a good solution.

One of my trainers told me something when I first started working on LE cases. He pointed out that catching criminals can only be made so easy before it becomes detrimental. And that point is either when the tools can be used by anyone (i.e. not specialist investigators) or when the tools begin to facilitate crime.


Care to give us an example of your last point? I'm not sure what you're getting at.


The traditional ten-button numeric keypad for entering your access code can be simplified for law enforcement use by removing nine of the buttons.

Unfortunately, this LE optimization also eases the effort required by the burglars.

Or requiring WEP encryption.

Or requiring that all passkeys be registered, and all be stored on an LE database, and where a nefarious user can capture hundreds or thousands of keys...


Let's say that there are some licensed specialists who have tools that enable them to open your car door when you have locked your keys in it. These tools are illegal for anyone but the specialists to own or carry. That legal nicety isn't sufficient protection against thieves using the same tools as the specialist.


If product x has a backdoor, this backdoor will also be used by bad people. It can also be cracked and there will always be product y without a backdoor. Don't the legislators see this? Or are criminals statistically really that lazy that they will still use mobile phones even though they are compromised?

According to "The Wire" they often even put extra layers of encryption security, anyway. Such behavior would make that legislation even more useless, as it would indeed only target the innocent that don't take extra precautions.


It's the usual short-sighted, first-order effects thinking we see so often in politics. Behaviour X is problematic; target a law at behaviour X; ergo "problem solved". But that's not the way it works. Laws can never directly address behaviour X. Instead, the law creates behaviour Y in the state apparatus; Y may be opposed to X, but it also has effects of its own; and the damage from Y may exceed the damage from X.


It can also be used by good (or at least inquisitive) people.

The back door isn't going to be built into super encrypted military stuff, but a lot of government traffic travels over commercial links, using commercial hardware and software.

Since this government backdoor is going to be leaked or hacked about 3.2 femtoseconds after it's introduced, then every internal government memo, every cell phone/sms between a politician and their mistress or lobbyist and every conversation between lawyer and client is going to be on WikiLeaks.

We could finally have real democracy!


Are you talking about Season 1, crossing the fives?


Season 5 how Marlo arranges meets and pickups was a good example of extra security.

SPOILER ALERT

Marlo (the drug lord) sent picture messages of a clock to arrange meetings. The hour and minute hands corresponded to the letter and number axes of a common Baltimore map and the second hand tells what page. The dealers would look up the coordinates on a map to find out where to meet. The cops broke it because they had (illegal) wiretaps on everyone's phones, and they had illegally allocated lots of extra manpower to tail all of the suspected drug dealers around the clock.

END SPOILER


Moral of the story: If you're a CEO or drug lord, too many meetings will kill your business.


Conspiracy theory: Whoever is behind this doesn't really want every company to rewrite all their software with back doors.

Instead, a 'reasonable' request will be substituted after the initial uproar.


That's no conspiracy theory. A conspiracy involves secret collaboration.

The well-known negotiation technique of anchoring is all that theory is. It seems plausible to me.


Do you have any idea where it could be leading? I've been thinking about it on and off for the past few days but nothing comes to mind, I don't have enough context to form any opinion.

I'd sure love to hear what Schneier thinks about it.


I don't know where it's leading, or if it's even leading anywhere. For some people, gaining power over others is an end unto itself, not a means leading to some other end.


I meant, what 'reasonable' thing will our government ask for after being rebuked for this outrageous request?


Anchoring involves defining the value of something where it was previously undefined. What you describe is simply an extreme initial offer. You're right that it isn't necessarily sinister.


An extreme initial offer manipulates the "anchoring and adjustment heuristic" defined at http://en.wikipedia.org/wiki/Anchoring


The Overton Window Concept is a potential anchoring case for this law: http://en.wikipedia.org/wiki/Overton_window


One might even say collusion ;)


I've heard the argument that this is an effort to get some kind of "middle ground" before. The problem is there can be no middle ground here - only the illusion of one. Either law enforcement has the right to do X or they don't - if they are allowed to require a backdoor on skype, how could they not be allowed to require a backdoor anywhere?

The real scenario would be legislation justified with the argument "we want unlimited legal power but we promise to use it just a little" - and this kind of promise always turns out to be bogus.


Somebody's been reading Robert Cialdini.


+1 because I got it.


I particularly like his analogy:

"It's like the FBI demanding that no automobiles drive above 50 mph, so they can more easily pursue getaway cars. It might or might not work -- but, regardless, the cost to society of the resulting slowdown would be enormous."


You like the analogy because a speed limit of 50 would result in a decrease of fatalities due to car accidents? I guess that's what he meant with "cost to society" since IIRC more fatalities result in a higher gross national product.


I think the "cost to society" would be more directly attributed to the increased time of travel for people and goods traveling on roadways.

The only increase in GDP that can be attributed to roadway accidents is due to the spending of medical care, which often times is loaned or from insurance, which is not a stable and reliable way to increase GDP over the long term. Overall, fatalities decrease GDP.


> "cost to society" would be more directly attributed to the increased time of travel

That's probably what he meant but it's not necessarily how you have to read the quote in the parent comment. I'm still not convinced that a speed limit of 50 would be a bad thing but maybe that's a cultural thing. My memories of my economics class are fading so I cannot counter your argument about the stability of the increase.


You do realize that you sound a little nuts right?


This reminds me of the Clipper chip episode back during the Clinton administration, except it's actually worse.


Sniffing the open Internet. Yes, that's feasible to a point (where there isn't more data sniffed than can be reasonably mined, or more data than can be reasonably sniffed).

Putting backdoors into products is commercial suicide for any crypto company to publicly acknowledge. If this goes through, then the simple way to view it is that any product supported by the US for export cannot be assured against having a backdoor.

In the UK, for the advanced crypto stuff, a government agency gives you key material. They have the keys, that way if anything sensitive goes missing they have the ability to attribute while recovering, but the crypto isn't exposed. For everyone in the commercial world well, you're on your own. There's more than one way to skin a cat.


All the government is asking for here is a continuation of the status quo. It's always had the ability to wiretap phones, but people don't use phones as much anymore - they use IM, Facebook, etc. to hatch their devious plots.

Wiretapping - analog or digital - requires a judge's approval in this country. Sure, it can be abused. But do we in the IT world really want to be providing an untraceable means of communication for the next 9/11 bombers? Or, for that matter, white collar criminals, bank robbers, etc.?

To me, providing checks and balances on the government's ability to snoop on civilians' lives shouldn't be a technology arms race. It should be based on an engaged citizenry that keeps watch on its elected officials, making sure they are acting within the law.


> All the government is asking for here is a continuation of the status quo. It's always had the ability to...

No, this is not the case. Telephones are the exception.

Mail is legally protected every which-way. Obviously I'm free to encode something on a piece of paper and hand it to someone, or through a messenger.

But this proposal, at least as it's been reported, would force all communications to have a back door. No more passing encrypted notes.

> do we in the IT world really want to be providing an untraceable means of communication

This is a straw man. Traceability doesn't enter into it. The gov't is asking for much more than a log of traffic. It's asking to see the content of the traffic.

It's also hyperbole. Until you can show that something as important as you're saying has actually used encryption, and that the inability to see inside the message would have averted the act, then you're just spinning FUD. There is currently no evidence that law enforcement is failing due to crypto.

Even if it were so, you'd still have to prove that the cost of those things that might be averted exceeds the costs to society from the loss of security.


> But do we in the IT world really want to be providing an untraceable means of communication for the next 9/11 bombers? Or, for that matter, white collar criminals, bank robbers, etc.?

Yes, we do.

Sometimes it is an inevitable consequence of the march of technological progress that certain legal and civil artifacts of previous eras must fall away, and we need to let that run its natural course, instead of trying to put up pointless and ineffectual -- but costly and frightening -- bureaucratic boondoggles in its way.

As various articles on the subject have pointed out, it's fundamentally antithetical to the decentralised core architecture of the Internet and the whole technology stack on which it is founded to have tap points like this, as if it had the hierarchical and highly centralised, despotic technical, political and economic properties of the public switched telephone network (PSTN).

There's no getting around the changes that it brings: unprecedentedly powerful encryption in the hands of ordinary consumers, complicated encapsulation and tunneling schemes, a great deal of indirection and ad-hoc, peer-to-peer negotiation. We will just have to live with the fact that secure end-to-end electronic communication that is not accessible by law enforcement is available to anyone who really wants it. For the most part, this is good news for privacy, civil rights and protection from information crime; in a few extremely marginal cases, like terrorist plotters and whatnot, this is bad, but we can't have our cake and eat it too. Trying to stop it in the manner proposed is a pointless waste of time.

But as we all know, these ideas can still exact crippling costs in money, time and energy when government imposes bureaucratic requirements, especially when they are so anachronistic (as they are, in this case) as to be instantly relegated to the realm of the symbolic. Nobody can realistically comply with the aims of this initiative, but depending on how far it goes, everyone will have to go through the motions of compliance, as we do with so many other narrowly conceived regulations thought up by idiot politicians that are wildly out of phase with actually-existing technical reality. It reminds me of the phrase "we pretend to work, and they pretend to pay us" from my native USSR.

As we repeatedly see, small companies have the most to lose, because they don't have nearly as many resources to sustain certain manifold illusions or charades that private business has to sustain in relation to the on-paper regulatory demands of innumerable government agencies and oversight bodies. When government dreams up something like CALEA, it's a lot like SOX; the amount of paper-pushing, slippery abstraction and byzantine process engineering in the resulting specification is something that, provided compliance to the letter is even logically possible, only big companies that operate processes on an enormous scale (and with enormous liquidity!) can stand to implement. Everybody else, virtually by definition, is just too poor to play in the Big Boys' pond. It's still a meaningless boondoggle that doesn't actually accomplish anything concretely useful, but, for example, ILECs like AT&T, Verizon, Qwest, etc. can at least appear to comply.

It also paves the way to selective enforcement for purposes of extortion or official harassment, and the various other well-known consequences of making implausible laws.


"Did you really think we want those laws observed?" said Dr. Ferris. "We want them to be broken. You'd better get it straight that it's not a bunch of boy scouts you're up against... We're after power and we mean it... There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens? What's there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced or objectively interpreted – and you create a nation of law-breakers – and then you cash in on guilt. Now that's the system, Mr. Rearden, that's the game, and once you understand it, you'll be much easier to deal with."


Well - it's also possible to scramble calls on the PSTN network, but criminals often don't avail themselves of this ability. Which is presumably also the case on the internet. Hence a 'basic' level of IP wiretapping would still be useful to crime investigators.


They already have the basic. What they are terrified of is precisely that technological change and decentralisation have compromised their ability to do "non-basic" wiretapping, and they want to roll back those gains.

Also, scrambling calls on the PSTN requires somewhat non-ubiquitous - if not necessarily any longer prohibitively expensive - acoustic coupling equipment. By comparison, PGP, VPNs, and TLS are much easier for an average person to use. To some extent, everyone uses these things whether they consciously sought to or not, at least in the case of TLS certainly.


Do you suggest we scrap all the planes because that's what the hijackers used?

It's a myth to think you can stop all criminal behaviour by eliminating all existing criminal methods. It's a myth to think that the citizenry can keep tabs on what the government is up to. It's all very well keeping tabs on elected officials, but half the time they're just as much in the dark as the general public about what is really going on.


> Wiretapping - analog or digital - requires a judge's approval in this country. Sure, it can be abused. But do we in the IT world really want to be providing an untraceable means of communication for the next 9/11 bombers? Or, for that matter, white collar criminals, bank robbers, etc.?

The obvious answer is no, but it is the wrong question.

The question is: Are we willing to provide untraceable, secure communications to them when that is the price to provide it to people yearning for free speech in totalitarian countries? And are we willing to provide it to them when not doing so means all of our communications have exploits that can and will be used by non-governmental agencies as well?


Yes, it's a fair point. I guess I would say it seems like this proposed law is about creating wiretappability in general services like Facebook, Skype, etc.

There's really no way to prevent people from sending privately-encrypted data over this network though. I think the government just wants the ability to catch the lazy criminals who don't avail themselves of that kind of thing.



