EFF, Snowden Dispute FBI Claims on Device Encryption

FBI blames North Korea for Sony hack

The FBI has long said that the use of strong encryption software hampers the bureau’s investigations and makes life easier for criminals. Current FBI Director James Comey continued this line of reasoning in a speech on Oct. 17, saying that the use of crypto could lead the country to a dark place, and the EFF and others said Monday that the FBI’s notions about encryption are outdated and naive.

Last week, Comey said in a forum at the Brookings Institute in Washington, D.C., that recent changes to Apple’s iOS and Google’s Android mobile operating systems that enable device encryption by default threatened to make mobile devices safe havens for criminals.

“We are not seeking to expand our ability to intercept communications. We are struggling to keep up,” he said. “Encryption threatens to lead us all to a very, very dark place. The place that this is leading us is one that I would suggest we shouldn’t go without careful thought and public debate.” 

Comey’s comments are reminiscent of ones made by previous FBI officials and other law enforcement officials who have warned for decades that the broad deployment of strong encryption by consumers would prevent investigators from being able to conduct the kind of surveillance they need to do their jobs. Various schemes have arisen over the years from law enforcement agencies looking to get access to cryptosystems, through mechanisms such as key escrow and deliberate backdoors. EFF officials said that any such scheme would weaken the security of a targeted system and endanger consumers’ privacy.

“The FBI should not be in the business of trying to convince companies to offer less security to their customers.”

“The FBI should not be in the business of trying to convince companies to offer less security to their customers. It should be doing just the opposite. But that’s what Comey is proposing—undoing a clear legal protection we fought hard for in the 1990s. The law specifically ensures that a company is not required to essentially become an agent of the FBI rather than serving your security and privacy interests. Congress rightly decided that companies (and free and open source projects and anyone else building our tools) should be allowed to provide us with the tools to lock our digital information up just as strongly as we can lock up our physical goods. That’s what Comey wants to undo,” Cindy Cohn of the EFF said in a blog post.

“Now just as then, the FBI is trying to convince the world that some fantasy version of security is possible—where “good guys” can have a back door or extra key to your home but bad guys could never use it. Anyone with even a rudimentary understanding of security can tell you that’s just not true.” 

Also on Monday, Edward Snowden said during a conversation with Lawrence Lessig of the Harvard Law School that backdoors in any system invite use by anyone who can find them, not just law enforcement.

“Once you bake a backdoor into something, you can’t control who walks through it,” Snowden said. “The NSA has done this for ages. This isn’t theoretical. These things are out there. By enabling this sort of surveillance, you’re actually weakening security, compromising the security of society for the benefit of an agency.

“The real question is, how many phones has the FBI or NSA seized that they couldn’t break the crypto on? The last count is only three or four. They’ve seized many more that they can break. So really, is this the problem that it’s claimed, compared to the good that good encryption practices provide society?”

Suggested articles

Discussion

  • Dick Wilmot on

    I might treat the FBI's problem more seriously AFTER I get my Fourth Amendment back, AFTER the NSA's giant databases (and backups) are erased, AFTER the NSA stops sharing its illegal taps with DEA and other law abuse agencies, AFTER the unconstitutional seizure laws are repealed/struck down. And why should I trust the FBI anyway? They have a horrible history of abusing our rights. I trust them to be just as criminal as the 'bad guys'. Stop spying on loyal Americans. Restore our rights.
  • ODA155 on

    "And why should I trust the FBI anyway?"... really, especially when you can trust Edward Snowden, right?
  • Laphomic on

    the only place where you can be sure the FBI is keeping dark is the place where J.Edgar Hoover and Co. were plotting against democracy and freedom in the USA for decades
  • Salvatore on

    I'd be happy to give the FBI as many backdoors as they want, if: a) they are willing to compensate victims of identity theft and fraud that result from this; b) that compensation uses money from the FBI's own annual budget, and c) Lawyers have full access to knowledge of what commercial devices, software and systems have back doors, so people can, when necessary, sue the FBI to make sure the FBI pays pack the victims of backdoor misuse by criminals.
  • Everseeker on

    Yes, they have masterminded a vast conspiracy to cover themselves, yet you were clever enough to see through it all and, due to the tin foil hat you wear, are immume to their attempts to silence you as you share The Truth with us poor peons .... Woo hoo

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.