In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices … “To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board — narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”
Tech companies, of course, want to protect their customers’ privacy.
The Justice Department under President Donald Trump has suggested it will be aggressive in seeking access to encrypted information from technology companies. But in a recent speech, Deputy Attorney General Rod Rosenstein stopped short of saying exactly what action it might take.
You cannot give out back-doors, because someone else will find a way to break them. I do not think the Feds (or other police) will/should win this battle.
The FBI solved crimes before people had cell phones. I’m open to hearing other views, but I start out on the side of privacy. (I say this as someone who doesn’t even my a screen lock on my iPhone)
Anything that allows the FBI to bypass encryptions as part of their investigations will allow a sufficiently skilled and motivated bad actor to bypass your grandmother’s phone encryption and access her personal data. There simply isn’t a grey area here.
And realistically, it’s worse than that. Assuming that the US forces tech companies to build them backdoors, then the criminal organizations will move to other device vendors and encryption technologies not concerned with the US’s directives. Which means the FBI still wouldn’t be able to get into those phones, but you and I will have had our security compromised. What a great tradeoff.
I agree with Inner Stickler. Any backdoor or something like that can and will be exploited by someone with criminal intent. I have question though, why can’t the FBI just subpoena that the phone be unlocked or something? Like some sort of digital warrant that can be issued by the court. Then Jo Schmo would have to use the thumb print or PIN to unlock the phone or be held in contempt of court.
From what I understand, when and if we switch to quantum computing things are going to be unhackable anyway.
I don’t think that’s a fair comparison. Yes, they solved crimes before people had cell phones, but since cell phones didn’t exist, there wasn’t anything on them to see.
[hypothetical, I’m not for handing out back doors to law enforcement]
That would be like saying they can no longer search cars. They did their job before people had cars, surely they can still do it without access to them.
Gaining access to cell phones gives people a ton of information. Texts, emails, contacts etc. All things that don’t exist outside of the cellular network/phones/cloud.
Hell, the FBI can exploit it at will. The subpoena is the only way to go. It’s the difference between law enforcement asking the landlord to unlock your neighbor’s door and asking for the master key to the entire building.
Cryptography is a genie that’s out of the bottle, and can’t be put back in. The information on how to do it is publicly available, and the best crypto systems, properly implemented, are too strong for anyone to crack. I can see why law enforcement might not like that fact, but it is a fact, and they can’t change it. Deal with it.
One of the cases mentioned was the San Bernardino shooter, who was already dead when the got ahold of his phone. If it was an iPhone that had been turned off, you cannot even try his fingerprint, because those require a text passcode and lock up after ten failures.
I would feel better about it if I had any faith at all that it would be limited to crime prevention. However, we have learned to our collective misfortune that given a chance to violate people’s rights for non-constitutional reasons government will do so. There is no freight of trust - even with the FBI - with governmental institutions in the age of surveillance.
Trust has to be earned. They don’t even try. I wouldn’t trust the FBI to not access data that they could access for improper uses even if I had a personal ‘Kill everyone in government’ switch. They’d still try and hope to keep it hidden. And it would be to advance some personal or political agenda with which I would likely disagree.
I’m assuming they’re referring to phones that have been “locked” through encryption, which could meant that even the suspects might not have access. If they can establish that someone is deliberately encrypting a phone to impede a law enforcement investigation, that’s a felony in and of itself. Proving it may not always be easy though.
What would a national government do if a company chooses not to comply with a law demanding a ‘backdoor’, however introduced? Ban them from the country? I guess that would mean cutting off their servers at the border. Wouldn’t their citizens just go elsewhere and use another service that remains secure? (Until the government bans it too.)
It would probably be a pretty spirited debate between the law enforcement and national security elements within the various agencies, like FBI. One can certainly understand why law enforcement would want access to encrypted data, but a backdoor inevitably puts at considerable risk the devices that these same agencies use to transmit, receive, and store sensitive information. China and Russia would have a backdoor to exploit.
My thought on it is, I doubt law enforcement really needs a backdoor as much as we’re led to believe. I’m sure it fills in some missing holes in certain cases, helps law enforcement connect dots during investigations, helps them expedite cases, but they have other tools at their disposal, like electronic eavesdropping and a multitude of forensics tools. I’m not sure their need to unencrypt data outweighs the greater dangers to highly classified information.
I think the backdoor would not really apply to network data. The fuzz just want to be able to break into your physical media to get at evidence. And just about anything is evidence. You may be completely innocent, but they will be looking for the smallest thing they can find that will snare you, because that is what they do.
Not to mention if there was a back door, couldn’t you easily defeat it by using aftermarket strong encryption apps for comminications that you’d rather never be seen?
The key to mobile device security is embedded in the SoC, which means it is basically baked into the chip in a way that makes the encryption keys externally inaccessible. After-market encryption would have exposed keys stored somewhere on the SSD, meaning it would be somewhat/much easier to get at them.
I was thinking along the lines of the types where the key is a whole long phrase, easily recalled by humans but nearly impossible to crack, but I guess that sort would probably pop up in a keyboard cache somewhere …eh anyway just stumbling In the dark there