Crap crypto crackdown coming as FBI boss testifies to US Congress

Comey whines that Silicon Valley just isn’t trying hard enough

Senators on both sides of the political divide in the US support the idea of forcing American tech firms to cripple their encryption systems so that the cops and Feds can snoop on people at will.

On Wednesday, FBI director James Comey told both the Senate Judiciary Committee and the Senate Intelligence Committee how device file-system encryption and secure communications are apparently stopping the FBI and others from nailing ISIL, drug dealers, pedophiles, and other unsavory types.

He described the situation as communications "going dark" for law enforcement.

Comey said that there were firms that provided encrypted end-to-end communications and yet still had the ability to read such messages as they travel through their servers, but declined repeatedly to say who these companies were or how their systems worked.

He recounted that the FBI had encountered situations where they were thwarted by encryption, but couldn’t provide details on either the numbers of such cases or on what was being investigated. But he was clear that it wasn't up to him to sort out breakable encryption – that is Silicon Valley's job.

"I'm not here to scare folks, I don’t know the solution [to crackable encryption]," he told the Senate Intelligence Committee. "I'm not sure we've really tried to do this. We have the talent to think about this in a good way. Maybe it's too hard, but this country wasn't made up of people who said 'It can't be done'."

On Tuesday the foremost names in the security industry published a paper explaining exactly why this was a bad idea. The paper was entered into evidence in today's hearings, and Comey said he'd read the executive summary and skimmed the rest, but insisted that American innovation could find a solution.

The need for movement on this matter was clear, he claimed. ISIL has over 21,000 Twitter followers and is using the social network to recruit people to kill here in the United States using encrypted communications and this must stop, he said.

Comey repeatedly said that the leaders of technology firms were "good people" but that they had a responsibility to help protect the public. He slammed Apple for adding encryption by default to the iPhone and claimed that the company was advertising the system as being proof against a warrant.

Senator Dianne Feinstein (D-CA) said that companies thwarting FBI investigations was extremely worrying and asked if technology firms should be required by law to report terrorist activity on their platforms. Comey said he wasn't an expert but that such a law could be useful.

"US companies, including in my home state, have an obligation to do everything they can to make sure their products are not used to feed the evil that ISIL generates," Feinstein said.

"I understand the need to protect records, but that doesn’t mean companies should configure services in a way that denies them the ability to respond to a court warrant. If companies won't voluntarily comply then they should be required to do so by legislation."

Senator John McCain (R-AZ) agreed wholeheartedly. If ISIL is recruiting Americans to carry out domestic terrorism, then all means possible should be used to stop them and their evil machinations.

"More than a conversation is needed, action is needed," he said. "Over time the ability for us to respond is diminished while the threat to us grows."

Under questioning Comey admitted that even if the US did pass laws allowing law enforcement access to encrypted information, there were still plenty of tools produced outside of the US that would be untappable, saying "we'd have a heck of a time trying to do that."

Comey declined to say if selling borked crypto would put American companies at a disadvantage when trying to sell overseas. But he praised the UK in particular for laws forcing people, on pain of prison, to hand over encryption keys – although he seemed to think the UK's Regulation of Investigatory Powers Act (RIPA) was called DRIPPA.

This caused some surprise to Senator James Lankford (R-OK). "It's a rare moment for Europe to be ahead of us on anything," he remarked. [How's that GSM phone, AES encryption, or magstriped chip and PIN credit card working for you senator? – ed.]

Senator Ron Wyden (D-OR) took a more skeptical line with Director Comey. He pointed out that most of the growth in interest and demand for encryption had come after US government agencies "twisted the law" to carry out surveillance on its own citizens and that the "going dark" issue was a result of this.

"I think this is headed towards proposals for a stockpile of encryption keys being held by companies for the government to access," he said. "I am willing to work on the idea, but I think this is a big time loser. It's a loser on security, a retreat on privacy, and will do great damage to our technology industry; I hope we don’t go there."

On hearing this, Senator Feinstein, who had left her microphone on, leaned over and asked Wyden where he had heard of such a scheme. No answer was heard, but it's clear that some politicians are seriously considering asking Silicon Valley to do the impossible. ®

Similar topics

Other stories you might like

  • China’s COVID lockdowns bite e-commerce players
    CEO of e-tail market leader JD perhaps boldly points out wider economic impact of zero-virus stance

    The CEO of China’s top e-commerce company, JD, has pointed out the economic impact of China’s current COVID-19 lockdowns - and the news is not good.

    Speaking on the company’s Q1 2022 earnings call, JD Retail CEO Lei Xu said that the first two years of the COVID-19 pandemic had brought positive effects for many Chinese e-tailers as buyer behaviour shifted to online purchases.

    But Lei said the current lengthy and strict lockdowns in Shanghai and Beijing, plus shorter restrictions in other large cities, have started to bite all online businesses as well as their real-world counterparts.

    Continue reading
  • Foxconn forms JV to build chip fab in Malaysia
    Can't say when, where, nor price tag. Has promised 40k wafers a month at between 28nm and 40nm

    Taiwanese contract manufacturer to the stars Foxconn is to build a chip fabrication plant in Malaysia.

    The planned factory will emit 12-inch wafers, with process nodes ranging from 28 to 40nm, and will have a capacity of 40,000 wafers a month. By way of comparison, semiconductor-centric analyst house IC Insights rates global wafer capacity at 21 million a month, and Taiwanese TSMC’s four “gigafabs” can each crank out 250,000 wafers a month.

    In terms of production volume and technology, this Malaysian facility will not therefore catapult Foxconn into the ranks of leading chipmakers.

    Continue reading
  • NASA's InSight doomed as Mars dust coats solar panels
    The little lander that couldn't (any longer)

    The Martian InSight lander will no longer be able to function within months as dust continues to pile up on its solar panels, starving it of energy, NASA reported on Tuesday.

    Launched from Earth in 2018, the six-metre-wide machine's mission was sent to study the Red Planet below its surface. InSight is armed with a range of instruments, including a robotic arm, seismometer, and a soil temperature sensor. Astronomers figured the data would help them understand how the rocky cores of planets in the Solar System formed and evolved over time.

    "InSight has transformed our understanding of the interiors of rocky planets and set the stage for future missions," Lori Glaze, director of NASA's Planetary Science Division, said in a statement. "We can apply what we've learned about Mars' inner structure to Earth, the Moon, Venus, and even rocky planets in other solar systems."

    Continue reading
  • The ‘substantial contributions’ Intel has promised to boost RISC-V adoption
    With the benefit of maybe revitalizing the x86 giant’s foundry business

    Analysis Here's something that would have seemed outlandish only a few years ago: to help fuel Intel's future growth, the x86 giant has vowed to do what it can to make the open-source RISC-V ISA worthy of widespread adoption.

    In a presentation, an Intel representative shared some details of how the chipmaker plans to contribute to RISC-V as part of its bet that the instruction set architecture will fuel growth for its revitalized contract chip manufacturing business.

    While Intel invested in RISC-V chip designer SiFive in 2018, the semiconductor titan's intentions with RISC-V evolved last year when it revealed that the contract manufacturing business key to its comeback, Intel Foundry Services, would be willing to make chips compatible with x86, Arm, and RISC-V ISAs. The chipmaker then announced in February it joined RISC-V International, the ISA's governing body, and launched a $1 billion innovation fund that will support chip designers, including those making RISC-V components.

    Continue reading
  • FBI warns of North Korean cyberspies posing as foreign IT workers
    Looking for tech talent? Kim Jong-un's friendly freelancers, at your service

    Pay close attention to that resume before offering that work contract.

    The FBI, in a joint advisory with the US government Departments of State and Treasury, has warned that North Korea's cyberspies are posing as non-North-Korean IT workers to bag Western jobs to advance Kim Jong-un's nefarious pursuits.

    In guidance [PDF] issued this week, the Feds warned that these techies often use fake IDs and other documents to pose as non-North-Korean nationals to gain freelance employment in North America, Europe, and east Asia. Additionally, North Korean IT workers may accept foreign contracts and then outsource those projects to non-North-Korean folks.

    Continue reading
  • Elon Musk says Twitter buy 'cannot move forward' until spam stats spat settled
    A stunning surprise to no one in this Solar System

    Elon Musk said his bid to acquire and privatize Twitter "cannot move forward" until the social network proves its claim that fake bot accounts make up less than five per cent of all users.

    The world's richest meme lord formally launched efforts to take over Twitter last month after buying a 9.2 per cent stake in the biz. He declined an offer to join the board of directors, only to return asking if he could buy the social media platform outright at $54.20 per share. Twitter's board resisted Musk's plans at first, installing a "poison pill" to hamper a hostile takeover before accepting the deal, worth over $44 billion.

    But then it appears Musk spotted something in Twitter's latest filing to America's financial watchdog, the SEC. The paperwork asserted that "fewer than five percent" of Twitter's monetizable daily active users (mDAUs) in the first quarter of 2022 were fake or spammer accounts, which Musk objected to: he felt that figure should be a lot higher. He had earlier proclaimed that ridding Twitter of spam bots was a priority for him, post-takeover.

    Continue reading

Biting the hand that feeds IT © 1998–2022