FBI director Christopher Wray has addressed a cyber-security conference and again called for technologists to innovate their way around strong cryptography.
Wray spoke at the Boston College / FBI Boston Conference on Cyber Security on March 7. He told the audience the issue of crypto can be solved because the industry's created cloud platforms users can access from anywhere.
No, really: the speech is here, and here's the relevant excerpt:
"For one thing, many of us in this room use cloud-based services. You’re able to safely and securely access your e-mail, your files, and your music on your home computer, on your smartphone, or at an Internet café in Tokyo … That didn’t happen by accident. It’s only possible because tech companies took seriously the real need for both flexible customer access to data and cyber security."
All the FBI wants, he said, is for “law enforcement’s own lawful need to access data be taken just as seriously.”
FBI says it can't unlock 8,000 encrypted devices, demands backdoors for America's 'public safety'READ MORE
Wray told the conference he's spent the last six months “catching up on all things cyber”, and that as a whole, the agency needs “more cyber and digital literacy in every program throughout the bureau”.
Wray saved the issue of cryptography until the end of his speech, after telling the audience the bureau wants laws updated to keep pace with technology.
Wray reiterated his complaint regarding FBI's inability to access the content of nearly 7,800 phones in fiscal 2017, “more than half the devices we attempted to access in that timeframe”, is “a major public safety issue”.
“This problem impacts our investigations across the board—human trafficking, counterterrorism, counterintelligence, gangs, organised crime, child exploitation, and cyber”, Wray said.
The answer, according to the new speech, is that “information security programs need to be thoughtfully designed so they don’t undermine the lawful tools we need to keep the American people safe”.
As always, Wray did not stipulate how this might be accomplished, saying he's “open to all constructive solutions, solutions that take the public safety issue seriously”.
Crypto-gurus: Which idiots told the FBI that Feds-only backdoors in encryption are possible?READ MORE
Taking public safety seriously means having the private sector “respond to lawfully issued court orders, in a way that is consistent with both the rule of law and strong cybersecurity. We need to have both, and can have both.”
There you go, tech sector: “this entails varying degrees of innovation by the industry to ensure lawful access is available. But I just don’t buy the claim that it’s impossible.”
None of this means a backdoor, he said, because he defines a backdoor as “some type of secret, insecure means of access. What we’re asking for is the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause.” ®