Quillian and Comey
The director of the Federal Bureau of Investigation has warned US senators that the threat from the Islamic State merits a “debate” about limiting commercial encryption – the linchpin of digital security – despite a growing chorus of technical experts who say that undermining encryption would prove an enormous boon for hackers, cybercriminals, foreign spies and terrorists.
In a twin pair of appearances before the Senate’s judiciary and intelligence committees on Wednesday, James Comey testified that Isis’s use of end-to-end encryption, whereby the messaging service being used to send information does not have access to the decryption keys of those who receive it, helped the group place a “devil” on the shoulders of potential recruits “saying kill, kill, kill, kill”…
He added: “I am not trying to scare folks.”
Since October, following Apple’s decision to bolster its mobile-device security, Comey has called for a “debate” about inserting “back doors” – or “front doors”, as he prefers to call them – into encryption software, warning that “encryption threatens to lead us all to a very, very dark place”.
But Comey and deputy attorney general Sally Quillian Yates testified…they did not wish the government to itself hold user encryption keys and preferred to “engage” communications providers for access, though technicians have stated that what Comey and Yates seek is fundamentally incompatible with end-to-end encryption.
Comey, who is not a software engineer, said his response to that was: “Really?”…
…Comey’s campaign against encryption has run into a wall of opposition from digital security experts and engineers. Their response is that there is no technical way to insert a back door into security systems for governments that does not leave the door ajar for anyone – hackers, criminals, foreign intelligence services – to exploit and gain access to enormous treasure troves of user data, including medical records, financial information and much more.
The cybersecurity expert Susan Landau, writing on the prominent blog Lawfare, called Comey’s vision of a security flaw only the US government could exploit “magical thinking”…
In advance of Comey’s testimony, several of the world’s leading cryptographers, alarmed by the return of a battle they thought won during the 1990s “Crypto Wars”, rejected the effort as pernicious from a security perspective and technologically illiterate.
A paper they released on Tuesday, called “Keys Under Doormats”, said the transatlantic effort to insert backdoors into encryption was “unworkable in practice, raise[s] enormous legal and ethical questions, and would undo progress on security at a time when internet vulnerabilities are causing extreme economic harm”.
I guess all these years spent successfully stopping enemies of democracy [excluding politicians and elected officials] before encrypted communications were broadly, cheaply possible were just a fluke.
Perhaps time spent hiring and training talented well-educated people to work within a system that respects democratic freedoms may have something to do with it. Perhaps aiding folks, domestic and foreign, to build a better life – instead of simply insisting upon obedience – might diminish the danger from demagogues.