WSJ – Justice Dept. Revives Push to Mandate a Way to Unlock Phones

Lame-ass government … lame-ass technology companies (considering recent fb, apple, twitter, uber, etc flaws). Now far up the government’s ass are Ray Ozzie, Stefan Savage and Ernie Bicknell’s tongues

Also amusing is that to receive the “report” which looks to be a government report you have to spend $45.  Yet another government attempt to keep secret what it’s doing

  • officials are renewing a push for a legal mandate that tech companies build tools into smartphones and other devices that would allow access to encrypted data
  • officials have been quietly meeting with security researchers who have been working on approaches to provide such “extraordinary access” to encrypted device
  • Justice Department officials are convinced that mechanisms allowing access to the data can be engineered without intolerably weakening the devices’ security against hacking
  • talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms
  •  White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem
  • FBI and other officials call lack of access to encrypted data “going dark.”
    • Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the F.B.I. director, have begun talking publicly about the “going dark” problem
    • Rosenstein, the deputy attorney general, argued in a speech that permitting technology companies to create “warrant-proof encryption” was endangering society
  • “Building an exceptional access system is a complicated engineering problem with many parts that all have to work perfectly in order for it to be secure, and no one has a solution to it,” said a Tufts University computer security professor
    • Any of the options people are talking about now would heighten the danger that your phone or your laptop could be hacked and data taken off of it
  • “Proposals that involve giving the keys to customers’ device data to anyone but the customer inject new and dangerous weaknesses into product security,” said senior VP of software engineering at Apple
  • some computer security researchers believe the problem might be solvable with an acceptable level of new risks
  • National Academy of Sciences committee completed an 18-month study of the encryption debate, publishing a report
    • one section cited presentations by several technologists who are developing potential approaches
    •  Ray Ozzie, a former chief software architect at Microsoft; Stefan Savage, a computer science professor at the University of California, San Diego; and Ernie Brickell, a former chief security officer at Intel
  • those three men have been participating in a series of workshops convened at the Massachusetts Institute of Technology by Daniel Weitzner
    • have discussed their research with government officials, including Valerie Cofield, a senior F.B.I. science and technology official working on “going dark”
    • trying to create a safe enough way to unlock data on encrypted devices, as opposed to the separate matter of decoding intercepted messages sent via encrypted communications services
      • “Technology companies almost certainly will not develop responsible encryption if left to their own devices,” he said. “Competition will fuel a mind-set that leads them to produce products that are more and more impregnable
  •  one alternative being worked on by Mr. Ozzie and others is receiving particular attention inside the government
    • when devices encrypt themselves, they would generate a special access key that could unlock their data without the owner’s passcode
    • key would be stored on the device itself, inside part of its hard drive that would be separately encrypted — so that only the manufacturer, in response to a court order, could open it
  • Military and cybersecurity agencies worried that weakening security would create new problems,
  • commerce officials worried about quashing innovation and making American tech products less competitive
  • how to prevent criminals from deleting the access keys on their devices or from using phones that do not have the mechanism because they run on outdated software or were built for foreign markets
    •  Justice Department official familiar with the deliberations contended that it might not be necessary to come up with a foolproof system, arguing that a solution that would work for ordinary, less-savvy criminals was still worth pursuing

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s