Don't Panic. Making Progress on the "Going Dark" Debate
A report from the Berkman Center for Internet and Society at Harvard University
February 1, 2016
A report from the Berkman Center for Internet and Society at Harvard University
February 1, 2016
The decisions of Apple, Google, and other major providers of communications services and products to enable end-to-end encryption in certain applications, on smartphone operating systems, as well as default encryption of mobile devices, at the same time that terrorist groups seek to use encryption to conceal their communication from surveillance, has fueled [the "Going Dark"] debate.
The U.S. intelligence and law enforcement communities view this trend with varying degrees of alarm, alleging that their interception capabilities are "going dark." As they describe it, companies are increasingly adopting technological architectures that inhibit the government's ability to obtain access to communications, even in circumstances that satisfy the Fourth Amendment's warrant requirements. Encryption is the hallmark of these architectures. Government officials are concerned because, without access to communications, they fear they may not be able to prevent terrorist attacks and investigate and prosecute criminal activity. Their solution is to force companies to maintain access to user communications and data, and provide that access to law enforcement on demand, pursuant to the applicable legal process. However, the private sector has resisted. Critics fear that architectures geared to guarantee such access would compromise the security and privacy of users around the world, while also hurting the economic viability of U.S. companies. They also dispute the degree to which the proposed solutions would truly prevent terrorists and criminals from communicating in mediums resistant to surveillance.
The FBI discusses the going dark issue on its web-page, saying "Law enforcement at all levels has the legal authority to intercept and access communications and information pursuant to court orders, but it often lacks the technical ability to carry out those orders because of a fundamental shift in communications services and technologies. This scenario is often called the "Going Dark" problem. Law enforcement faces two distinct Going Dark challenges. The first concerns real-time court-ordered interception of data in motion, such as phone calls, e-mail, text messages, and chat sessions. The second challenge concerns "data at rest" - court-ordered access to data stored on devices, like e-mail, text messages, photos, and videos. Both real-time communications and stored data are increasingly difficult for law enforcement to obtain with a court order or warrant. This is eroding law enforcement’s ability to quickly obtain valuable information that may be used to identity and save victims, reveal evidence to convict perpetrators, or exonerate the innocent."
An article on Deep Dot Web made a counter argument stating “Going dark–this is a crock. No one’s going dark. I mean really, it’s fair to say that if you send me a message and it’s encrypted, they can’t get that without going to you or to me, unless one of us has it in our cloud at this point. But we shouldn’t all be fixated just on what’s not available. We should take a step back and look at the total that’s available, because there’s a mountain of information about us.” Grossman, Lev. “Apple CEO Tim Cook: Inside His Fight With the FBI.” Time, 17 Mar. 2016. Web. 12 May 2017. “Going Dark” is a myth. State hackers possibly outrank the FBI in a cat and. mouse scenario. Not singular entities. Not darknet marketplace vendors. Not CP forum owners. The FBI simply wants their job easier. Not an unreasonable desire as encryption can be a pain to deal with. But their argument is backed up by numerous success stories, proving the exact opposite of what they claim.
My personal opinion is in favor of strong encryption. Yes, this may on occasion make it more difficult for law enforcement to obtain information that want during an investigation, but I believe that the advantages of strong encryption far outweigh any risks posed to law enforcement investigations. Weakening encryption creates a backdoor that can be exploited by hackers and other criminals, and there is no guarantee that the government could protect an escrow / law enforcement decryption key from being compromised. Just look at the number data breaches that have occurred, or something as simple as TSA being unable to safeguard the master keys to "TSA Approved Travel Locks". Simply put if we accept weakened encryption and escrowed keys - our encryption will in time be compromised.
Mary had a crypto key.
She kept it in escrow.
And everything that Mary said the Feds were sure to know.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.