France approves sweeping spy bill in response to Islamist attacks
- Get link
- Other Apps
Lawmakers in the French National Assembly have overwhelmingly approved a new bill giving the country’s intelligence services unprecedented domestic spy capabilities. The bill, which is dismissed by critics as France’s version of the United States’ PATRIOT Act, was drafted by the ruling Socialist Party just days after a group of armed Islamists attacked several targets in Paris. The attacks were primarily directed against France’s popular satirical magazine Charlie Hebdo.
Junaid Hussain spent time in British prison for hacking PM Tony Blair's account.
And how GMOs could be 'bioweapons.'
A former FBI agent has been accused of driving to the gate of the CIA in Langley, Virginia, and issuing a number of violent threats.
Off-duty cop placed on paid leave after groping woman, biting man's genitals.
Next Page of Stories
Loading...
Page 2
A prominent ISIS recruiter is linked to a shooter in the Texas attack. Also, CBS News learns new information about what may have contributed to the death of SurveyMonkey CEO David Goldberg; your world in 90 seconds
As the city recovers from the turmoil over the death of Freddie Gray, federal help has been requested to ferret out problems in the department
Unanimous city council vote approving reparations means dozens of torture victims from as far back as the 1970s could get thousands each from the city
U.S. and coalition military forces have continued to attack Islamic State of Iraq and the Levant terrorists in Syria and Iraq, Combined Joint Task Force Operation Inherent Resolve officials reported.
President Barack Obama has nominated Marine General Joseph Dunford, Jr. as the next chairman of the Joint Chiefs of Staff.
The United States is not ready to credit the Islamic State terror group with carrying out Sunday's attack on a convention center outside Dallas, Texas.
Next Page of Stories
Loading...
Page 3
Iran will never give up enrichment in its soil at any price, Foreign Ministry Spokesperson Marzieh Afkham said on Wednesday.
Russia is revising its national security strategy in a bid to better counter new threats and challenges in the region and across the world, a top Russian official says.
The Project 22350 Admiral Gorshkov-class lead frigate will undergo new trials in the Gulf of Finland in mid-May and enter service in the Russian Navy by the yearend, United Shipbuilding Corporation President Alexey Rakhmanov said on Wednesday.
Senior member of the Iranian nuclear negotiations team Abbas Araqchi said Iran has never accepted any inspections beyond the Additional Protocol and is not going to do so in the future, either.
According to Airborne Troop Commander Col.-Gen. Vladimir Shamanov, Russia's Airborne Troops will soon be reinforced with tank units.
Western leaders are boycotting a massive military victory parade in Moscow this week that commemorates the 70th anniversary of the end of World War II because of Russia's actions in Ukraine. But many Asian leaders, including China's President Xi Jinping, will be attending – underscoring how Russia is looking East as tensions with the West increase.
Next Page of Stories
Loading...
Page 4
The Georgian Defense Ministry has announced that heavy US military equipment intended for joint US-Georgian 'Exercise Noble Partner' has arrived in the port of Batumi.
The military commander of Ukraine's Neo-Nazi Azov Battalion has promised his fighters will not lay down arms until its flags are raised over the regions of Donbass and Crimea; the unit has marked the first anniversary of its formation.
Turkey is showing interest in Russian air defense systems, Russia's state arms exporter Rosoboronexport Deputy Head Sergey Goreslavsky said at the IDEF-2015 arms exhibition on Wednesday.
The United States has deployed four more warplanes to Estonia amid increasing tensions with Russia over the crisis in Ukraine.
Russia's Security Council has taken a decision to adjust the national security strategy till 2020 and the doctrine of Russia's information security, Russian Security Council Secretary Nikolay Patrushev said in a feature article to be published in Wednesday's issue of the Krasnaya Zvezda newspaper.
According to Rostec, the Latin American market for Russian helicopters is quite large and the region has great potential for trade with Russia, especially in the manufacturing sector.
Next Page of Stories
Loading...
Page 5
Slashed budgets and high worldwide demand for U.S. military forces have created an unbalanced defense program that is taking on increasingly greater risks, Defense Secretary Ash Carter told a Senate panel this morning.
US President Barack Obama's choice for vice chairman of the Joint Chiefs of Staff (JCS) is well versed in the challenges that have thus far prevented Israel and the Palestinian Authority from realizing US and international goals of a two-state peace deal
Leaders of the Senate Armed Services Committee vowed to follow the House committee's lead and block the Air Force's move to retire the A-10 Warthog fleet.
Project Foxhole is the name of Israel's secret weapon first employed in the final stages of Israel's grueling anti-tunnel war in Gaza as part of Operation Protective Edge.
Hungry for defense deals, France has cozied up to the Gulf monarchies, winning several billion-euro contracts in the process, but its strategy of backing one side in the region's Sunni-Shia power struggle is risky, say experts.
Defense Secretary Ashton Carter and key Senate Democrats on Wednesday slammed a Republican-concocted plan to offset defense-spending limits by inflating a war fund.
Next Page of Stories
Loading...
Page 6
The U.S. Navy has ended its week-old mission to accompany American- and British-flagged ships through the Strait of Hormuz at the mouth of the Persian Gulf, a Pentagon spokesman said Wednesday.
The commander of US Navy Cyber announced a five-year strategy, and like the Pentagon's cyber strategy announcement two weeks earlier, acknowledged the dire need for talented workers with the skills to fend off the nation's foes.
New York Times (blog) |
Sinosphere | In China, Pigs Are Flying. Almost.
New York Times (blog) Images on the Internet and reports in newspapers suggest that creating a leaping, amphibious pig is another realm where China, which raises more than half the world's pigs, can claim global pre-eminence. Online photos show piglets prodded to dive off a ... and more » |
The Hill |
Perry criticizes Texas governor for sending state guard to monitor US military
The Hill News of the military training plan has been public for a few months, but conspiracy theories have festered about the true intention of Operation Jade Helm 15, including claims the military is preparing to declare martial law or confiscate the weapons ... Louie Gohmert Gets Why Some Texans Are Worried About a Military TakeoverNational Journal Rick Perry suggests Greg Abbott went too far in questioning US military ...Dallas Morning News (blog) No, Pentagon says: Were not plotting the military takeover of TexasPolitico Washington Post -Texas Tribune -KENS 5 TV all 320 news articles » |
When the Fordham Law graduate was asked what in the Constitution left “hate speech” excluded from protection, he cited the case of Chaplinsky v. State of New Hampshire (1942). Actually, he cited it over and over and over again on Twitter, apparently under the misimpression that if he kept repeating the word “Chaplinsky,” Beetlejuice would magically appear and alter the First Amendment’s text and meaning.
The Chaplinsky case, for the record, found that “fighting words” – direct insults to people personally – were not Constitutionally protected. That case is totally inapplicable to Pam Geller’s drawings of Mohammed; the Supreme Court has found that burning the flag, KKK cross burnings, KKK anti-Semitic marches, and Westboro Baptist church demonstrations at military funerals, among other offensive speech, are all protected by the First Amendment. Eventually, Cuomo was forced to concede that he didn’t know what he was talking about, and suggested that most “hate speech” was in fact covered by the First Amendment.
Unfortunately, Cuomo’s attempts to write politically incorrect “hate speech” out of the Constitution have become less and less anomalous. A report this week from Lindsay Wise and Jonathan S. Landay at McClatchy asked, “After Texas shooting: If free speech is provocative, should there be limits?” Naturally, the authors concluded that there should by quoting non-expert constitutional law expert John Szmer of the University of North Carolina at Charlotte, who kindly explained, “I don’t think it is unreasonable to expect what they were doing would incite a violent reaction.” That, of course, is not the test of “fighting words” – any politically controversial words could generate a violent reaction. Any attempt to shut down political speech based on the content of the political speech violates the First Amendment (see, e.g., RAV v. St. Paul). That holds true whether the political speech generates violent reaction or not.
But the Constitution is no barrier for a left that seeks to turn American freedom of speech into European or Canadian freedom of speech, subjecting liberty to the discerning eye of the political elites. The Los Angeles Times said that the “Texas attack refocuses attention on fine line between free speech and hate speech” – a line that does not exist, Constitutionally or morally. Radio host Richard Fowler stated that drawing a picture of Mohammed was “just like going into a crowded theater and yelling out fire, or going into a black church and yelling out the n-word,” drawing an entirely proper rebuke from Fox News’ Megyn Kelly.
In the aftermath of the Charlie Hebdo attack, Professor Erik Bleich of Middlebury College wrote atHuffington Post that “Limiting Hate Speech Is Important, Even After Charlie Hebdo.” In January, NPRasked, “When Should Free Speech Be Protected?” In March, Kent Greenfield of The Atlantic wrote, “We are told the First Amendment protects the odious because we cannot trust the government to make choices about content on our behalf…If that is what the First Amendment means, then we have a problem greater than bigoted frat boys. The problem would be the First Amendment.” AuthorJeremy Waldron wrote an entire book, reviewed by Justice John Paul Stevens, calling for regulation of “hate speech.” Our college campuses (including state universities) have been overrun by the “hate speech” police, who are willing to suspend or expel students for exercising their rights or failing to provide “trigger warnings” for their unmannerly expression.
Unfortunately, the “hate speech” police have taken over the entire political left. As Matt Vespa points out, a 2014 Washington Post poll showed that while 60 percent of Americans thought publishing cartoons of Mohammed was “okay,” and over 70 percent believed that there is a right to offend under the First Amendment. But the First Amendment Center published a 2013 poll showing that 40 percent of Americans said the First Amendment “goes too far,” and 56 percent of Americans refused to support a right to say things that are racially offensive (47 percent refused to support a right to say things that are offensive to religious groups).
A YouGov poll from 2014 asked whether Americans would support or oppose a law “that would make it a crime for people to make public comments that advocate genocide or hatred against an identifiable group based on such things as their race, gender, religion, ethnic origin, or sexual orientation?” Fifty-one percent of Democrats supported such a law in violation of the First Amendment; just 21 percent of Democrats opposed such a law. Meanwhile, among Republicans, just 25 percent supported such a law, while 49 percent opposed. Independents sided with Republicans, with 53 percent opposing such laws and 27 percent supporting. Forty-nine percent of blacks supported such a law; so did 49 percent of Hispanics. A plurality of women supported the law as well. Overall, only a bare plurality of Americans, 38 percent to 36 percent, opposed laws criminalizing “hate speech.”
Between a Democratic Party seeking to criminalize political spending and a leftist media seeking to criminalize unapproved speech, the First Amendment is on very shaky footing. No wonder ISIS is looking to euthanize it once and for all.
Ben Shapiro is Senior Editor-At-Large of Breitbart News and author of the new book, The People vs. Barack Obama: The Criminal Case Against The Obama Administration (Threshold Editions, June 10, 2014). Follow Ben Shapiro on Twitter @benshapiro.
Read the whole story
· · ·
As cybercrime grows, so do the FBI’s attempts to fight it.
Late last week, the Federal Bureau of Investigation announced the appointment of Joseph M. Demarest Jr. to the newly established role of associate executive assistant director for the bureau’s Criminal, Cyber, Response, and Services Branch (CCRSB).
As explained in a press release, FBI Director James B. Comey created the position specifically in response to the FBI’s need to expand its operations related to cyber and criminal investigations, international operations, critical incident response, and victim assistance.
“In his new role, [Demarest] will serve as chief operations officer for CCRSB — providing technical advice and guidance across its components while establishing and nurturing relationships with federal, state, and local law enforcement and intelligence agencies,” said Comey in the release. “With almost 30 years of FBI experience in investigative operations and national security matters, Joe brings a wealth of subject matter expertise to this new executive position.”
The release states that Demarest — who has been with the FBI since 1988 — most recently held the position of assistant director of the bureau’s Cyber Division.
The creation of his new position comes at a time when, as The Hill points out, the FBI and other agencies — such as the Justice and Homeland Security Departments — are struggling to keep pace with ever-evolving cybercrime activity, restructuring offices and forming all-new positions dedicated to that fight.
The outlet additionally puts forth the likelihood that, based on Comey’s remarks, he believes Demarest’s varied experience will be particularly beneficial in improving communication between various governmental departments in the battle against cybercrime.
Should this be the case, it would be a furtherance of goals previously established by the Cyber Threat and Intelligence Integration Center (CTIIC), an organization that President Barack Obamaauthorized earlier this year for the purposes of coordinating information between various agencies and departments that handle cyberattacks.
Next Page of Stories
Loading...
Page 7
CLEVELAND - Perhaps the biggest challenge that cyber crime poses to the FBI is how to convey just how much of a threat it is to the United States and you.
“It’s your info they’re coming after,” warned Joe Demarest, Assistant Director to the FBI’s Cyber Crime Division, on a recent visit to Northeast Ohio to meet with the Cleveland field office and address the City Club about these concerns.
Cyber threats have shot to the top of the FBI's concerns because it involves everything regarding money and technology.
As are all of the FBI’s field offices, the Cleveland FBI is working to prevent the devastating losses that cyber crime can have on business in Northeast Ohio.
In recent years, the FBI established a cyber task force at each of its 56 field offices, manned by about 1,200 people.
On April 25, news surfaced that Russian hackers breached White House computers and obtained sensitive information, including President Obama’s unclassified email.
While that is a stunning headline, cyber crime still comes off as a distant, abstract concept to average people – at least, until their identity gets stolen.
Demarest said cyber threats generally fall into five different categories.
CYBER TERROR
The FBI is most worried about cyber terror from groups like ISIS, Hezbollah, Hamas, and the Cyber Caliphate.
One nightmare scenario would see such a group attacking the electronic infrastructure of the U.S. and knocking out our power indefinitely.
But Demarest said the impact of cyber terror can be much more subtle.
In January, all it took was a message on Twitter to create a bomb scare on two commercial jets, resulting in F-16 fighter jets escorting the planes to their destination, where bomb squads went through the luggage of every passenger.
It was a hoax.
But Demarest said that terror groups take note of the reaction and quickly learn how they can disrupt life in America with a simple posting on social media.
Also in January, the group calling itself Cyber Caliphate hacked the Twitter account of U.S. Central Command.
Classified information was not accessed, but from a public viewpoint, Demarest said that type of hacking is an embarrassment for such an important government agency.
“I feel sorry for them,” he said. “Pretty big deal.”
Nevertheless, Demarest said hacking into a social network is low level.
What is more alarming is how terror groups like ISIS have used social networking to their advantage, recruiting an army of hackers worldwide.
“It's hard to believe they developed that capacity,” Demarest noted.
NATION STATES
Much like the aforementioned Russian hacking, the FBI’s next area of cyber concern is foreign countries trying to steal our industrial information or military secrets.
“Nation states – the most prolific army working against us,” Demarest said.
One of the most notable recent cases was North Korea hacking Sony Pictures over the controversial comedy “The Interview” in December.
Within hours of the attack on Sony, Demarest said the FBI had teams on the ground at Sony offices, going from computer to computer.
Thousands of emails from Sony employees were exposed, causing some people to lose their jobs while the financial damage to Sony ran into the millions of dollars.
No two nation states are alike in regards to the threat they pose to the U.S.
Demarest said China remains the biggest threat; Asian actors tend to infiltrate the U.S. health care industry.
While Russia poses a threat, Demarest said its abilities are not as good as ours – although its know-how can sometimes be traced back here.
“There are [people with] PhDs working against us on the other side of the world. Many are trained here in the U.S.,” he said.
Although the U.S. is currently working on a nuclear deal with Iran, the country remains a threat in the Middle East.
Demarest said the FBI has watched – in real time online – as Iran updated its hacking skills while attacking U.S. banks.
Demarest said Middle Eastern actors, like Iran, want to see how we defend ourselves. With every attack, they collect and analyze our reaction, then evolve their skills for the next attack.
Skilled hackers make stealing information appear to be normal data transfers. Many businesses do not realize they were hit until the damage is done.
For these reasons, the FBI has developed cyber threat teams that focus on different countries, like China, Iran, and Russia.
These agents have extensive knowledge and expertise about these various countries.
In fact, the FBI can sometimes gauge the age range and location of hackers based on timing.
“During World Soccer Cup, all our actors go quiet for two weeks,” Demarest noted.
CYBER CRIMINALS
The third most worrisome group for the FBI is the average criminal with savvy computers skills who wants to get access to your personal information.
And the person who actually steals your Social Security number, pin numbers, and passwords may not be the one who ultimately exploits it.
These criminals do not necessarily have to hack your computer to get this information.
Millions of Americans’ personal info was exposed after being targeted by cyber criminals in 2014. Among those include people who conducted financial business with Target, Home Depot, UPS, and Anthem Blue Cross.
Demarest said those criminals typically sell the information to the highest bidder on the dark web.
What exactly is the dark web? If you’re law abiding and reading this, you don’t have access to it.
The dark web is a series of websites that do not show up in search engines, but are a virtual playground where cyber criminals run wild.
“This is the Wild West,” Demarest said.
One of the most notorious sites on the dark web was known as Silk Road. It was a Tor hidden service where users typically traded goods using Bitcoin. The FBI shut it down in 2013.
James Noga, Vice President and Chief Information Officer for Partners Healthcare, said that medical records can go for $50 on dark web bidding.
The term “health care fraud” does not grab the average person’s interest, but its impact is significant. Noga said $12 billion were lost in such crime last year.
Cyber criminals have hacked the health care industry for much more than insurance fraud.
Hacking has been used to create fake prescriptions and - in some cases - criminals have received treatment under the name of a real person.
Noga said there have been times where patients will go to the doctor, only to be told they cannot give blood because they are on record as having a disease.
Except it’s not the patients with the disease; it was the criminal who used their name to get prior treatment.
“If you lose your insurance card, treat it like a credit card and report it,” Noga said.
But the goals and impact of cyber criminals can go beyond economics.
Noga said that today’s technology raises the concern that criminals can hack into operating rooms and interfere with blood pressure equipment or even anesthesia levels.
But the typical American is most likely to feel the impact of a cyber criminal who targets his or her identity and steals that information.
Demarest said these personal stories are the ones that catch the average American’s attention and alerts them to the importance of vigilance online.
“Numbers are numbers,” Demarest said, “but the personal story resonates the most in trying to reach the audience about dangers.”
Many people hear of big companies like Anthem Blue Cross and lose interest. But hearing about a grandmother who lost her life savings over such a breach sounds the alarm.
When doing any business online, people should always be careful about the websites they load personal information on.
Noga said that cyber criminals will scan your social media accounts to look for personal information they can use to gain access to your financial accounts.
Just consider how many people have their birth dates visible on Facebook.
If your computer is hacked, you could be posting personal info on a legitimate website, but your server is still feeding the information to hackers.
Because of this, it is important for people to never click on questionable links – even ones that your friends post on social media – and always delete suspicious emails.
Denial of service attacks are becoming more common. This is often referred to as “ransomware.”
A person’s computer will get infected, and the hacker will “lock” the computer, forcing the victim to pay a ransom online to get access to the computer’s files again.
Noga said people have had to pay to retrieve their medical records.
It is also quite common for email accounts to get hacked. You may get an email sent from a friend’s account, suggesting you click on a link for a great deal or to watch a cute video.
Except that email was not sent by your friend, and clicking on it downloads a virus or malware onto your computer.
Noga said people should be as suspicious of emails in their inbox as they would strangers in their neighborhood.
"HACKTIVISTS"
The term hacktivist refers to activists who use their hacking skills to convey their agenda, and they rank fourth on the list of the FBI’s cyber concerns.
The most notorious of these groups is Anonymous, an international network of hackers.
It purportedly has no leader; that opposes its communal ideology. Instead, it presents itself as a collective that purports to work toward the common good.
Some refer to Anonymous as a digital Robin Hood; others call it cyber terror.
Anonymous has targeted less favorable groups like the Westboro Baptist Church, child porn, Scientology, and ISIS. But it has also attacked the New York Stock Exchange, PayPal, Israel, and U.S. government agencies.
When Anonymous hit Wall Street, Demarest said the attack was specifically timed for financial impact.
Anonymous has targeted cities and police departments where controversial cases of suspects dying with police involvement occurred, including Ferguson, Missouri.
In November of 2014, 12-year-old Tamir Rice was carrying an airsoft gun when he was shot and killed by a Cleveland police officer.
In the following days, Anonymous shut down the Cleveland city website and posted a video about the incident online.
In some instances, Anonymous posted the names and addresses of officers and law enforcement officials online.
The implied motive of that action is to give some agitated individual the information to carry out retaliation in real life.
Northeast Ohio has involvement from Anonymous spanning back to the Steubenville rape case in 2012.
It was the hacktivist group that helped expose that something had taken place and that authorities should get involved.
Anonymous also organized rallies in Steubenville, which helped put the rape investigation into the national spotlight.
Ultimately, two Steubenville High School football players were convicted of raping an underage girl.
Justice is what Anonymous wants, but that responsibility is up to law enforcement and courts.
Because Anonymous has used illegal means to reach its ends, the FBI has arrested several of its members.
INDUSTRY INSIDERS
The last significant cyber threat the FBI is concerned about comes from the inside.
Leaks happen all the time, but Demarest said few are as infamous or have done as much damage as Edward Snowden, who worked with the NSA, CIA, and DIA.
Snowden fled the country and released millions of classified documents outlining numerous global surveillance programs ran by the NSA.
Some have labeled Snowden a hero or a whistleblower while others, like Demarest, label him a criminal.
Once an organization realizes an insider has leaked its information, it is crucial for the organization to get ahead of the leak and contain the damage.
“It’s a race to get to the media,” Demarest said.
Snowden worked for the federal government, but many industries and corporations are at risk of insiders exploiting their access and selling information to the highest bidder.
But sometimes insiders do not realize they were responsible for a leak.
Demarest said employees who are not careful with their information can unintentionally cause a leak, and lead to just as much damage to their organization.
ATTITUDE SHIFT
As technology develops, companies must not only adapt to the growing prospects of cyber threats, but they must adapt their attitudes to survive.
Much has changed in a short amount of time.
Five years ago, Noga said, it was considered taboo and shameful if your company was hacked, and many hesitated to be transparent about the attack.
“It is our job to protect our company’s assets,” said Amy Brady, Chief Information Officer of KeyBank in Cleveland.
For that reason, both Brady and Noga have seen businesses adapt and seek out the help of the government quickly.
They also share information with other companies that have suffered similar attacks, in an effort to build up their defenses against a mutual threat.
“Every industry has to be aware and has to take it seriously,” Brady said.
Working at KeyBank, Brady has seen a significant shift in the financial world’s attitude on hacking.
But the same does not appear to hold true at many technologically-based companies, such as Apple, Facebook, or Google.
“Interesting [to see] Silicon Valley's view of government – rigid, unfriendly. They think we’re limited,” Demarest said.
These companies hesitate to share information about cyber attacks with companies they are competing with, let alone seek out the help of the federal government.
But Demarest said the FBI is working to improve these relations and reach out to tech firms to assure them that the FBI is on their side.
Demarest said a lack of trust impacts their ability to stop the threat.
In April, Secretary Jeh Johnson said the Department of Homeland Security is setting up a satellite office in Silicon Valley in an effort to bridge the gap and build better relationships.
THE CHALLENGE OF PREVENTION
The satellite office could also serve as a way for the federal government to recruit experienced talent in the cyber world.
Brady said young people who want a hot career should get into the cyber information industry.
“It’s not like you could just bring somebody in,” Demarest said of the FBI’s challenge in finding tech savvy experts.
Partners Healthcare tries to recruit college students, Noga said, because members of the younger generation are “digital natives” who have a hugely different perception of personal privacy online.
In that regard, Demarest said businesses cannot have an old-fashioned, tight-lipped approach to intrusions anymore.
“They’re going to get in. We need to figure out how to keep them from getting back out,” Noga said, regarding the challenge of tracking down intrusions.
When asked what companies can do to prevent getting hacked, Demarest was blunt.
“Go back to pen and paper,” he said.
Demarest said companies must form a response plan before they get attacked, but that does not prevent them from a breach.
A plan can only help them to deal with the damage control.
“You’re all going to get hacked,” Demarest said. “It’s going to happen.”
More information can be found at the FBI website.
---
Download the newsnet5 app:
Read the whole story
· · · · · · · · · · · · · ·
The FBI -- and by extension, every law enforcement agency it partners with -- wants holes carved in cellphone encryption. The problem is that it doesn't even know what specifically it wants.
When asked directly if the FBI wants a backdoor, [Amy] Hess [Asst. Director of FBI's Science & Technology branch] dodged the question and did not describe in detail what actual solution the FBI is seeking.
“We are simply asking for information that we seek in response to a lawful order in a readable format,” Hess responded, while also repeating that the Bureau supports strong encryption. “But how that actually happens should be the decision of the provider.”
When pressed again, Hess said that it would be okay for the FBI not to have a key to decrypt data, if the provider “can get us that information by maintaining the key themselves.”
That's asking the impossible -- for a great many reasons. First and foremost, compromised encryption is compromised encryption. It can be exploited by criminals and other unwanted entities just as certainly as it can assist law enforcement agencies in obtaining the information they're seeking. There's no way around this fact. You cannot have "good guys only" encryption.
But beyond that, even if the FBI manages to get what it wants, it will do so at the expense of general computing. Requiring built-in backdoors or key escrow will dismantle the very systems it's meant to access. Computer scientist Jonathan Mayer delivers a
long, detailed hypothetical involving the Android platform and how the FBI's desired access would fail
-- and do severe collateral damage -- every step of the way. (via
Boing Boing
)
First off, if Google gives the FBI the backdoors it wants, that only nails down Google. But Google also distributes thousands of third-party apps through its Play store. And these apps may not contain the subverted encryption the FBI is looking for. Now, Google has to be in the business of regulating third-party apps to ensure they meet the government's standard for compromised encryption.
The obvious answer is that Google can’t stop with just backdooring disk encryption. It has to backdoor the entire Android cryptography library. Whenever a third-party app generates an encrypted blob of data, for any purpose, that blob has to include a backdoor.
This move may work, but it only affects apps using Google's encryption. Other offerings may rely on other encryption methods. Then what? It has a few options, all of them carrying horrendous implications.
One option: require Google to police its app store for strong cryptography. Another option: mandate a notice-and-takedown system, where the government is responsible for spotting secure apps, and Google has a grace period to remove them. Either alternative would, of course, be entirely unacceptable to the technology sector—the DMCA’s notice-and-takedown system is widely reviled, and present federal law (CDA 230) disfavors intermediary liability.
At this point, Mayer suggests the "solution" is already outside the realm of political feasibility. Would the FBI really
push this far
to obtain encryption backdoors? The FBI itself seems unsure of how far it's willing to go, and many officials quoted (like the one above) seem to think all the FBI really needs to do is be very insistent on this point, and techies will come up with some magical computing solution that maintains the protective qualities of encryption while simultaneously allowing the government to open the door and have a look around any time it wants to.
So, if the FBI is willing to travel this very dark road littered with an untold amount of collateral damage, it still hasn't managed to ensure the phones it encounters will open at its command. Considering phone users could still acquire apps from other sources, the government's reach would only extend as far as the heavily-policed official app store (and other large competitors' app stores). Now what? More government power and less operational stability.
The only solution is an app kill switch. (Google’s euphemism is “Remote Application Removal.”) Whenever the government discovers a strong encryption app, it would compel Google to nuke the app from Android phones worldwide. That level of government intrusion—reaching into personal devices to remove security software—certainly would not be well received. It raises serious Fourth Amendment issues, since it could be construed as a search of the device or a seizure of device functionality and app data. What’s more, the collateral damage would be extensive; innocent users of the app would lose their data.
Even if the government were willing to take it this far, it still doesn't eradicate apps that it can't crack. (But it may be sufficient to only backdoor the most used apps, which may be all it's looking to achieve...) App creators could decide to avoid Google's government-walled garden and mandated kill switch by assigning random identifiers and handling a majority of the app's services (like a messaging service, etc.) via a website, out of reach of app removal tools and government intervention. To stop this, the US government would need to do the previously unimaginable:
In order to prevent secure data storage and end-to-end secure messaging, the government would have to block these web apps. The United States would have to engage in Internet censorship.
Robert Graham at Errata Security
makes similar points in his post on the subject
, but raises a couple of other interesting (in the horrific train wreck meaning of the word) points. While the government may try to regulate the internet, it can't (theoretically) touch services hosted in foreign countries. (Although it may soon be able to
hack away
at them with zero legal repercussions…)
Such services could be located in another country, because there are no real national borders in cyberspace. In any event, such services aren't "phone" services, but instead just "contact" services. They let people find each other, but they don't control the phone call. It's possible to bypass such services anyway, by either using a peer-to-peer contact system, or overloading something completely different, like DNS.
Like crypto, the entire Internet is based on the concept of end-to-end, where there is nothing special inside the network that provides a service you can regulate.
The FBI likely has no desire to take its fight against encryption this far. The problem is that it thinks its "solution" to encryption is "reasonable." But it isn't.
The point is this. Forcing Apple to insert a "Golden Key" into the iPhone looks reasonable, but the truth is the problem explodes to something far outside of any sort of reasonableness. It would mean outlawing certain kinds of code -- which is probably not possible in our legal system.
The biggest problem here is that no one arguing for "
golden keys
," key escrow, "good guy" backdoors, etc. seems to have
any idea
what implementing this could actually result in. They think it's just tech companies sticking it to The Man, possibly because a former NSA sysadmin went halfway around the world with a pile of documents and a suitcase of whistles with "BLOW ME" printed on the side.
But it isn't. And their continual
shrugged assertion
that the "smart guys" at tech companies will figure this all out for them is not only lazy, it's colossally ignorant. There
isn't
a solution. The government can't demand that companies
not
provide encryption. It's not willing to ban encryption, nor is it in any position to make that ban stick. It doesn't know what it needs. It only knows what it
wants
. And it can't have what it wants -- not because no one wants to give it to them -- but because no one
can
give it to them.
Yes, many tech companies are far more wary of collaborating with the government in this post-Snowden era, but in this case, the tech world cannot give the FBI what it wants without destroying nearly everything surrounding the "back door." And continually
trotting out
kidnappers, child porn enthusiasts and
upskirt photographers
as reasons for breaking cell phone platforms doesn't change the fact that it cannot be done without potentially harming every non-criminal phone owner and the services they use.
Read the whole story
· · · · ·
Iran Is Raising Sophistication and Frequency of Cyberattacks, Study Says by By DAVID E. SANGER and NICOLE PERLROTH
A new study concludes that Iran has greatly increased the frequency and skill of its cyberattacks, even while negotiating with world powers over its nuclear program.
In Purchase, Raytheon Gets Defense-Grade Cybersecurityby By THE ASSOCIATED PRESS
Raytheon is buying the cybersecurity company Websense from the private equity firm Vista Equity Partners in a deal valued at $1.9 billion, a move aimed at making defense-grade cyberprotection available to businesses.
Pentagon Announces New Strategy for Cyberwarfareby By DAVID E. SANGER
The policy marks the fourth time in four months that the Obama administration has named suspected hackers or announced new strategies designed to raise the cost of cyberattacks.
New York Times |
Preparing for Warfare in Cyberspace
New York Times With so many government agencies involved in cybersecurity — the National Security Agency, the Department of Homeland Security, the Central Intelligence Agency, the F.B.I. and the Pentagon — the potential for turf fights and duplication is high. The ... |
- Get link
- Other Apps
Comments
Post a Comment