❝ An Obama administration working group has explored four possible approaches tech companies might use that would allow law enforcement to unlock encrypted communications — access that some tech firms say their systems are not set up to provide.
The group concluded that the solutions were “technically feasible,” but all had drawbacks as well.
The approaches were analyzed as part of a months-long government discussion about how to deal with the growing use of encryption in which no one but the user can see the information. Law enforcement officials have argued that armed with a warrant they should be able to obtain communications, such as e-mails and text messages, from companies in terrorism and criminal cases.
❝ Senior officials do not intend to advance the solutions as “administration proposals” — or even want them shared outside the government, according to a draft memo obtained by The Washington Post.
Why? — They’re afraid Americans still believe our government should protect our privacy.
“Rather than sparking more discussion, government-proposed technical approaches would almost certainly be perceived as proposals to introduce ‘backdoors’ or vulnerabilities in technology products and services and increase tensions rather [than] build cooperation,” the memo said.
❝ …National Security Council spokesman Mark Stroh stated in an e-mail that “these proposals are not being pursued.”
And we’re supposed to believe him…after the Obama White House spent a month trying to figure out how to get away with achieving these proposals.
❝ Instead of offering technical solutions, the working group drew up a set of principles to guide engagement with the private sector. They include: no bulk collection of information and no “golden keys” for the government to gain access to data.
All of which were suggested by assorted government experts in the Obama administration.
❝ All four approaches amount to what most cryptography experts call a “backdoor” because they would require developers to alter their systems by adding a surreptitious mechanism for accessing encrypted content, according to Joseph Lorenzo Hall, chief technologist at the Center for Democracy & Technology…
Technologists have said such approaches weaken the security of encryption by adding layers of complexity that might hide bugs and creating new potential targets for hackers.
In general, creating an “aftermarket solution” instead of designing a solution into the platform from the start “brings in additional vulnerabilities” that could be exploited, the law enforcement official acknowledged.
❝ These are some of the reasons why federal officials say they want the companies themselves to craft solutions based on their own systems.
❝ …A number of encryption solutions are built by groups of open-source developers, who make the software available for free on the Internet. The open-source nature of the code makes it harder to hide a backdoor. And because the developers are often dispersed among different countries and volunteers who are not working for any company, it is impractical for law enforcement to serve an order on one that’s enforceable on all.
“These challenges mean that inaccessible encryption will always be available to malicious actors,” the memo said…And to individuals who still think their privacy trumps a government run to satisfy police above all else..