Obama administration wants encryption backdoors for domestic surveillance

In a New York Times article today by Charlie Savage, news that the Obama administration is proposing new legislation that would provide the U.S. Government with direct access to all forms of digital communication, "including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct 'peer to peer' messaging like Skype."

Sound familiar? As Glenn Greenwald points out in his Salon analysis piece,

In other words, the U.S. Government is taking exactly the position of the UAE and the Saudis: no communications are permitted to be beyond the surveillance reach of U.S. authorities. The new law would not expand the Government's legal authority to eavesdrop -- that's unnecessary, since post-9/11 legislation has dramatically expanded those authorities -- but would require all communications, including ones over the Internet, to be built so as to enable the U.S. Government to intercept and monitor them at any time when the law permits. In other words, Internet services could legally exist only insofar as there would be no such thing as truly private communications; all must contain a "back door" to enable government officials to eavesdrop.
On Twitter last night, Ryan Singel pointed out this relevant snip from a National Research Council report rejecting the idea of mandated backdoors in encryption... in 1996.

It is true that the spread of encryption technologies will add to the burden of those in government who are charged with carrying out certain law enforcement and intelligence activities. But the many benefits to society of widespread commercial and private use of cryptography outweigh the disadvantages.
And the lack of backdoors doesn't seem to have put much of a damper on domestic surveillance, anyway:

Law enforcement officials have long warned that encryption technology allows criminals to hide their activities, but investigators encountered encrypted communications only one time during 2009's wiretaps. The state investigators told the court that the encryption did not prevent them from getting the plain text of the messages.

Read the NYT piece: U.S. Tries to Make It Easier to Wiretap the Internet.

And this CNET piece by Declan McCullagh, who's been covering this beat for longer than anyone I know, is an equally essential read. Snip:

Vice President Joe Biden proposed something quite similar in the 1990s. As I wrote in an earlier article, when Biden was chairman of the Senate Judiciary Committee, Biden introduced an anti-encryption bill called the Comprehensive Counter-Terrorism Act. It said: "It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law." It was Biden's bill--and the eventual threat of encryption being outlawed--that Phil Zimmermann said at the time "led me to publish PGP electronically for free that year."

Update: ACLU reaction here. "Mandating that all communications software be accessible to the government is a huge privacy invasion."

[Image: Code, a Creative Commons-licensed image from Anonymous Collective]


    1. Wait, that could never happen.

      Oh, wait. It always has. I’ll probably have it on a T-shirt
      when it gets out, too, like my DeCSS shirt, etc.

    2. Cracked? Nahh it will just be sold to this highest bidder unless you believe that all politicians are impervious to bribery.

      1. Please don’t forget the “other Government officials”…politicians AND other government officials are BOTH subject to the temptations of bribery…especially so, if they’re being paid far below what would be the standard for their skill-sets in the private sector, by the Government.

        So…an argument to actually increase the pay of civil servants, it seems to me.
        Even though the argument seems to start by wanting to slag them as being susceptible to venality and corruption (unlike the vast majority of tax-payers, righto).

        And this is not a grab for “new powers” per se, but an attempt to hold onto and extend the old powers already secured by law to the lawful elected Government, to extend to, or to encompass, the new media of communications which have arisen. Of course, this may require that, technically, they gain some new powers…but I can see the argument they’re making.

        So…who gets to use the x-ray spectacles next?

  1. In defense of the Obama administration, in this regard they’re not trying to be evil and totalitarian. They just have no idea what they’re doing, and are no less clueless about technology than any other administration in the history of the USA.

    This is not Orwell’s 1984, it’s Gilliam’s Brazil.

    1. As though Gilliam’s Brazil is any better than Orwell’s dystopia. We still have “buddy” Michael Palins employed by the state as torturers.

      1. Oh, no, it’s not any better at all, except for the comfort in knowing that your leaders aren’t evil, they’re just idiots.

  2. I don’t understand: how will this affect my ability to encrypt my own email with a SHA-256 encryption and email it to my terrorist allies? Or to post my SHA-256-encrypted message onto Facebook?

    It doesn’t matter how Facebook chooses to store that message, no one will be able to crack it if they don’t have my key.

    So will posting (or emailing) encrypted messages be illegal? If not, this legislation does nothing at all for real terrorists or anyone who is serious about keeping their information from the government. Instead all it does is open up a huge gaping security hole for any one who might be able to gain access to this “back door” to read other people’s non-encrypted messages.

    1. Oops, SHA functions are one-way. Please mentally re-edit my comment to refer to any other cryptographic algorithm you want that would allow my terrorist buddies to read my encrypted emails if they had the key.

      1. Actually, you are correct. One could utilize user-level encryption, instead of relying on the the infrastructure to do secure encryption. AES is an easy to use symmetric crypto cipher that one could use to encrypt their message, then send through an ‘insecure’ network. If we all started using PGP/GPG to sign/encrypt email messages that would be another way to do some user-level encryption. Note that with a sufficient bitlength AES and most modern ciphers are pretty much unbreakable now (Unless the NSA has some crazy quantum computers, which who knows).

        If we outlaw cryptography, then only the outlaws with have cryptography.

  3. Since the terrorists won, why don’t we just throw in the towel and give the government the keys to our front doors. Imagine how many lives would be saved. Sigh,

    1. …only if the courts agree. Unfortunately, they’ve been caving in to the “in the interest of National Security” line.

  4. Really, Barack? Now you want to stick your thumb in the eye of all of your remaining supporters? Now?

    Time to dump hosted services and go back to PGP on the desktop.

  5. “We’re talking about lawfully authorized intercepts,” said Valerie E. Caproni, general counsel for the Federal Bureau of Investigation. “We’re not talking expanding authority. We’re talking about preserving our ability to execute our existing authority in order to protect the public safety and national security.”

    So no new authority, should mean they don’t mean any new laws right? Or is she just a Liar ?

  6. The NYT insinuated this is the work of the Obama administration, and some less-reputable sites have mistakenly stated Obama HIMSELF is introducting this legislation. Neither one of those are correct.

    The article states “Federal law enforcement and national security officials” and there are quotes from FBI counsel.

    Executive branch? Yes. That’s where Law Enforcement happens. The Obama administraton would be the ones to introduce the bill, IF they approve of it. There’s a good chance they may not.

    The headline should read “FBI, NSA, DOJ want Obama adminstration to consider…”

    Oh, and as for the “proposal’s likely requirements”… well, that’s the NYT making a WAG.

    1. Unfortunately, the DOJ is no less politicized under Obama/Holder than it was under Bush/{Ashcroft | Fredo | Mukasey}. “Justice,” her blindfold off, her scales dropped, her sword pointed at everyone, is taking her orders directly from the WH.

      1. Well, W certainly lowered the Bar a lot – more than a little, a lot – so don’t be too free with your “O is as bad as W” rhetoric, without a little more…substance.
        Here’s some “substance” supporting my view that W was far far worse in politicizing the DoJ than O – in fact, more than any modern Pres – has been shown to be:


        Yeah, right, “let’s all vote Republicans into power again, ’cause Obama hasn’t done well enough, fast enough, to change America for the better, over the past twenty months”…what nonsense.

        1. I don’t necessarily disagree, Canuck, but this is yet another area in which Obama has been a vast disappointment. In this case the disconnect between his campaign rhetoric and his actions in office results in further erosion of civil liberties (see: Aklawi assassination order).

          I have no intention of voting Republican next month or, barring massive brain trauma, at any time in the future, barring massive brain trauma, but DOJ has traditionally been as apolitical an organization as possible under even the most toxic administrations, and Obama has not only not done anything to reverse the damage inflicted by Dubya/Cheney/Goldsmith, he’s extended the damage, albeit at a slower rate.

      2. Legal wiretaps. With a warrant. Get it?

        Quite a departure than the previous DOJ actually, Mr. Hassenpfeffer.

        1. Yeah, I “get it,” but, aside from Feingold, where are all the Dems who screamed bloody murder at warrantless wiretaps during the Bush admin? Silently acquiescing to Obama’s “look forward, not backward” policy, effectively retro-pardoning the telecoms for massive violations, and generally acting like, “Well, our guy’s in charge now; as long as he/we have the power, it’s okay.” No, it’s not okay.

  7. This has been going on for a while… I know companies like Electronic Arts had built government-accessible surveillance back-doors into their game chat systems *years* ago, possibly even before 9-11. I wonder: were they interpreting government requirements differently than others in an attempt to look ahead, or were their actions aimed at complying with government regulations outside the US?

          1. …thus they can hardly be said to be aping the preceding Administration. Which, as we recall, administered its “antidote” to DoJ “politicization” like there would be no tomorrow.

            Two wrongs don’t make a right.
            That old saw too has some justice in it.

          2. Canuck, let me try to lay out my position as clearly as possible: Obama is not as bad as Bush *in most regards*. That doesn’t mean he’s good. Things like ordering the assassination of an American citizen go beyond anything even Cheney dreamed off.

            It’s not that Obama didn’t purge the DOJ of its top-level Republican partisans; he did. However, the replacements are continuing many of the worst of their predecessors’ outrages. It’s an outrage in and of itself that the abuses of the previous administration were labeled unworthy of investigation and/or prosecution. Generals who served under Bush have said that he committed/authorized war crimes. As a signatory to the Geneva Conventions, the US is obligated to investigate such allegations. But that would be looking backward, not forward.

  8. Your Brazil point is strengthened by this choice quote:

    ‘“They can promise strong encryption. They just need to figure out how they can provide us plain text.” ‘

  9. XerxesQados wrote:

    > In defense of the Obama administration, in this regard they’re not trying to be evil and totalitarian.

    That’s a defense?

  10. I suspect that someone on this thread can explain, in small words, how this new policy could be thwarted in five or fewer steps using off-the-shelf, opensource tech.

    Anyone willing to make me much smarter?

    1. Five steps? How about three lines of code?

      #!/bin/perl -sp0777ihttp://www.cypherspace.org/rsa/rsa-details.html

  11. This should bring back one time pads and serigraphs plus meltdown at the NSA. Considering how far behind they are in translating intercepted terrorist communications let alone finding someone to read them, this looks like more billions into the security cult black hole.
    Intercepts are typically dead meat in less than a day.
    After the worst has happened, someone will say, “We knew about it.” Hearings will be held and the usual suspects will double talk into the microphones.
    Congress will alot more money and the useless game will continue.

  12. This does not sound like what was promised on change.gov:


    “Safeguard our Right to Privacy: Strengthen privacy protections for the digital age and harness the power of technology to hold government and business accountable for violations of personal privacy. ”

    Yeah, right. Change you can believe in.

    The political implications notwithstanding, this is the Clipper Chip all over again:


    The same arguments that applied then still apply: a user can super-encrypt their data, and LEOs will never know until they use their keys only to discover the payload is still encrypted!

    Joe Biden, genius that he is, does not understand that while you might be able to outlaw strong encryption, it is impossible to make it unavailable. It’s an idea, an algorithm.

    Consider the US Government’s persecution of one Mr. Phil Zimmerman, the creator of PGP, and how PGP was ultimately “exported” as a printed book: http://www.philzimmermann.com/EN/essays/BookPreface.html


  13. Anyone read “zero history” by william gibson? one of his characters posits that shit like this is a symptom of auto-immune disease infecting The Authority.
    The “anti-bodies” are ‘roiding up and becoming destructive to the host.

  14. Yup.

    OSS isn’t beholden to the United States Government. Ubuntu, for example, is distributed by Canonical, ltd. which is a corporation registered in the Isle of Man.

    With any OSS project, the source is easily inspectable and anyone can compile from source and then compare the relevant code portions to the binary distribution to check for suspicious discrepancies. And, inevitably, someone not beholden to the US Government will do exactly that. Discrepancies in a SSL module or encryption engine would be readily visible and would likely be constantly monitored by security wonks.

    What the US Government /can/ do is outlaw hardware from being sold that doesn’t have a built-in backdoor. It’s possibly too late for that to happen — But very few people know what, exactly, is in the silicon they use.

    They can also mandate that every mobile device OEM operating system have a backdoor —- iPhone, iPad (with cell data radio), BlackBerrys, and a huge swath of phones already have this back door, and most of them lock down the OS so that an OSS OS can’t be put onto them (some flavour of Android, for example). Or, at least, can demand that the software on the phone be unable to perform encryption without it going through a function in hardware or software that inserts a backdoor.

    Windows — every version since NT 4, at least — has the OS manage encryption modules within an encryption engine and provides encryption as an OS service, and that engine and any module within it can be replaced over the network by Microsoft — or by whoever is using the second auth key for that function, which is intriguingly named “_NSAKEY”. That’s a fun bit of info, that there.

    They can’t demand that the backdoor be installed on existing systems that don’t have them – they’d need, oh, a FISA court stamp, or probable cause, or just have the FBI serve a National Security order (and gag order). Which, honestly, is exactly what they’ve done to many, many service providers.

    There are other problems, though. The US Government can require your ISP to hand over control of their DNS servers and routers to them – and can then spoof DNS records to your machine, spoof routes to your machine, and can even spoof as a certificate authority to your browser and spoof as your email provider, message board, bank, or a software publisher. This is why it is important to inspect and corroborate certificates – even the ones that came with the OS and/or browser — if you want to be able to determine a good level of secure trust of the system you’re using.

    Mozilla in the US is in Silicon Valley – under the gun of the US Government – but there is Mozilla Europe, Mozilla China, and Mozilla Japan. At least one of those is less than likely to bow to the whims of the US Government intercepting their citizen’s communications.

    IE is published by Microsoft.

    Google – US corporation.

    You see my points, yes? OSS is one step away from this insanity, but it’s not the only step to get back to sanity. Write, call, email your congresscritters, and as Obama has time and time again advocated, get into your community and organise.

  15. Come on people, you gotta think farther ahead than the government. If you want to encrypt something yourself, that’s fine. But when they decrypt and store your email, and the natural language parser (only looking for “terrorist” and “child molester,” really truly) only picks up gobbledygook, wouldn’t you agree that’s a pretty good sign that you’re Obstructing Justice with illegal encryption? And can therefore be hauled in whenever they feel like it no matter how innocent your actions may be?

    1. The correct answer of course is “No”.
      They need more for a Warrant to open your mail than the mere fact that you sealed the envelope: or to get to force a password from you in front of a Judge, if that’s what it would take to open the envelope.
      That’s the way it is, is it not?

      1. Man, I didn’t know ya’ll came that naive up there in Canadia.

        The answer, seriously, is “ostensibly, but in practice, no,” for two reasons. The first is that warrantless wiretapping is no longer a crime, and they have had the hardware in place to monitor every bit that goes across the pipe for the last decade. They’re *already* reading and storing every email you send if you use an american provider (like gmail), and almost every email (the ones they can catch) if you don’t.

        The second reason is blue laws; laws that are made to be broken. Obstruction of Justice is an actual crime. Generally it’s only used when people piss off cops and haven’t done anything else worth hauling them in. But since I’d imagine very few people encrypt their data without actually having something to hide, using the law to troll for evildoers will justify itself with an astonishingly high hit rate. It may be a stretch of interpretation, but considering what we can do with the Interstate Commerce Clause and Open Container laws, not a terribly unexpected one.

        1. No, again: too many business people have excellent legitimate reasons to encrypt (sometimes it would even be negligent for them NOT to encrypt, that is, failure to so could ground legal liability) for the mere presence of such to have any value as a marker of “evilness”.

        2. But since I’d imagine very few people encrypt their data without actually having something to hide, using the law to troll for evildoers will justify itself with an astonishingly high hit rate.

          Don’t do a lot of online banking or purchasing, do you? In fact, you don’t use secure websites at all, right?

    2. “Illegal encryption”? What IS that, anyway? There’s no such thing under current US law, right?

      Again, the question becomes one of the intent of the Party encrypting: if it is to use encryption to cover up evidence of a crime, then the cops ought to be able to break through it: but first, they need other evidence, to get that Warrant – otherwise they would simply be “fishing”, and violating the 4th, and possibly 1st and 5th, Amendments to the US Constitution.

      1. IANAL, but my understanding is that the only encryption-related crime on the US books is exporting certain encryption algorithms to Bad Nations(TM).

        1. Oh yeah that old Reagan-Bush I law outlawing music synthesizer exports. That still around? Well, joking aside, so long as there’s still “enemy nations”, I guess the answer will be “yes”.

        1. I’m not sure that I do.

          There is a duality to Americans which I find puzzling, involving the relation which the people have with their Government.
          It really seems a complicated love/hate, trust/no-trust situation. Maybe that’s inevitable with such a large population.
          I mean, do you or don’t you Americans trust your Government to do the right thing with the Authority which you have given them?
          I have never been able to get a clear or simple answer to that question.
          But I do know that modern society cannot run without trust. That’s just the way it is. This song sums up the situation, IMHO:

          I think that if more people decided not to disdain getting involved with politics and governance, everyone would be better off. Maybe people would start to trust the Government, if they ever did stop so trusting it, that is.

          We do live under a system of constitutional liberty, and although I well understand the reasons, and reasoning, for not trusting a despotic or otherwise absolutist or rapacious Government, I have difficulty understanding why OUR Governments ought to be held in the same regard as those should be.
          To treat all Governments as thus untrustworthy, even those which we ourselves have freely elected, seems somehow self-defeating.

          1. Trust in government has been thoroughly eroded since the Nixon Administration and no president since that time has really done anything meaningful to earn that trust back. The progressive bluring of multinational corporations and governing bodies and abysmil campaign finance oversight means that both parties tend to have the same agenda and the differences between Neoliberalism and Nonconservativism are negligible. But that has nothing to do with your little “would you rather have the other guy?” question. Of course I wouldn’t be happier with McCain, but his hypothetical administration isn’t the standard to judge Obama against. You judge Obama against the campaign he ran on and by that standard he has been a disappointment at best.

          2. As a rational individual, I understand that some functions, like regulation and public works, can only be handled by the government. Also as a rational individual, I understand that no government voluntarily gives up power, even if it’s already exceeding its reach. Congress has never sat back and said “well, we think we’ve got enough laws for now.” Cops have never sat around in the station because all the major crime had been taken care of. No bureaucracy has ever felt it had all the rules it needed.

            I understand that we need government. I don’t trust the government’s opinion of how much government we need. Case in point: exactly this type of bullshit. Yes, it would make the justice department’s task much easier and more effective if they had the power to eavesdrop on all communications. No, they should not be trusted with that power because it WILL be abused. Is that too complicated? I don’t know.

            As for your other comment and brianary’s, banks and online purchasing will be legally required to add backdoors into their encryption methods as per the terms of this bill. I was explicitly talking about self-encryption, because anything else would already be a lost cause.

          3. Beelzebuddy: As was I – confidential communications are required in all business activity at some point or other.
            Even so, I yet trust my Government not to share my firm’s tax returns with my competition, even though my submitted tax forms are un-encrypted.
            But I still maintain that the presence of encryption, alone (even the no-back-door variety), can NEVER be enough to ground reasonable suspicion of criminal activity – there must always be something more.
            Also: if the crypto being used truly has no back-door, they’ll have to drag in the author or intended recipient – with a subpoena, another layer of judicial oversight – to crack it, would they not?

            The thing is, keeping secrets or confidences from the Government’s knowledge may be of limited, or more often still, of no concern at all to those who use strong encryption in their day-to-day business. Typically, it’s parties other than one’s own Government whom you are protecting your data against.

            Nutbastard: Well, one man’s vote can mean little (but never nothing!) in a democratic society of 350 millions.
            Nevertheless, both Canada and the USA are constitutional democracies: and thus, the people as a mass ARE responsible for the Government which they elect – for the Government is responsible solely to them. As you know, in our systems the way to be rid of a bad government is not through violent revolt, but through active political engagement.
            IMHO, this is necessarily so, wherever Government is not imposed by some armed force.

            It is your – our – Government.
            Get organized and engaged with the people involved in politics, if you want to change the steps in the “dance” or the “tune” they’re dancing to.
            That is, if you don’t think or feel that it is your Government, then take the steps which are available to you to make it your Government.

            Be or become politically involved. That is not a choice which is open to the citizens (or more usually the subjects) of every State, and seems historically to be quite rare.

            But it damn well is in ours.

          4. Okay, you’re going to have to leave your nationality behind you for a second, and temporarily think like a bastard. The fact that encryption alone doesn’t constitute reasonable suspicion is the entire point of the proposed law. The law would say, if there’s encryption with no backdoor, that is in itself a crime. Either the gov’t is allowed to see everything you have, or they can haul you in and leave you in jail until you cough up the key. They would no longer need to find any other reason to harass an undesirable individual.

          5. “Trusting” a gov’t not to share your tax records with one of your competitors is one thing. The gov’t doesn’t care about your competitors any more than they care about you.

            We (meaning I and other lefties who worked for Obama’s election only to be stabbed repeatedly in the back) have attempted to become involved. We have been told to “stop whining,” that we are the “professional left” who have nothing better to do than complain; in other words, to be thankful for the dollop of gruel they gave us in return for our blood, sweat, and tears, and not to DARE to ask for anything more.

            We (same “we”) constantly send letters and make phone calls to the White House and our so-called representatives in Congress (House of Reps and Senate) asking them to Do The Right Thing. In return, we have accumulated piles of say-nothing responses, outright silence, and accusations of not being “team players,” all with the stated or implicit message, “Trust us.” In the immortal wisdom of Fox Mulder, Trust No One.

            We watch in horror as the Security State metastasizes (http://projects.washingtonpost.com/top-secret-america/articles/#article-index) and the budgets for defense and “intelligence” drive the nation to bankruptcy.

            Thanks to the Man from Hope and Mr. Hope and Change, we have lost hope. Obama’s victory over McCain almost certainly was the lesser of two evils–but it was an evil nonetheless.

          6. Perhaps so…but I still don’t see how electing more Republicans would help with that…
            Then again, it is your country, and there really is a lot – a very great deal, I’m afraid – that I don’t understand about it.
            As I’ve said before, from out here, it can be tough to tell the difference between the Republicans and the Democrats at any time. But my views ought not to be much concern to you: it is not my country, after all.
            And I certainly don’t want to be swimming in your soup, as that may just get me into hot water – maybe even over my head, to boot.

          7. “I mean, do you or don’t you Americans trust your Government to do the right thing with the Authority which you have given them?
            I have never been able to get a clear or simple answer to that question.”

            No. No I do not. However it’s a trick question – we didn’t give them this power, they inherited it from 200 years of assholes just like them incrementally chipping away at our rights to pave the road to hell. Oh sure there’ve been some consolations like suffrage and other civlib bones we;ve been tossed, but at the same time gun rights have been eroded, fantastic consciousness expanders have been banned. we haven’t declared war wince WWII, yet how many countries have our guys boots tread on since then?

            talk shit about my government but dont implicate ME in how they came to wield such a fucked amount of power so wrongly.

  16. This battle was already fought and won by the good guys in ’90s, against the Clinton administration.

    See Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age urn:isbn:0140244328 .

    The great thing about democracy is if you don’t get the answer you want, and you’ve got a great deal of money, you can just keep asking the question, sort of like a denial-of-service attack.

    Wait, did I say “great”? I meant “completely dysfunctional”.

  17. It’s such nonsense. Any criminal worth their salt would use PGP in which case nobody could crack a illicit message under pretty much any circumstances!

  18. After the repeated, pervasive mis-use of the PATRIOT Act powers being used in the pursuit of definitively non-terrorism related cases, I just can’t see granting yet another set of eavesdrop-at-will powers to the law enforcement community. They have proven over and over again that they cannot be trusted with that sort of power. It always winds up being abused by “rogue” agents for purposes other than those it was intended for.

    Beyond that, these guys must realize that the encryption cat is not only already out of the bag, it is down the block and around the corner. Encryption is math. What are the odds that other countries – you know, the ones who might be sources of terrorists – might have their own programmers and mathematicians capable of building successful encryption algorithms that don’t include handy back-doors? I’d say the odds are pretty much 100%.

    The only people who will be hurt by these sorts of measures are regular citizens with legitimate uses for encryption. Oh, and the most retarded 10% or so of terrorists. You know, the ones who try to light their underwear on fire right there in seat 4C. The ones who aren’t really a threat.

  19. This reminds me of something I heard a long time ago. If someone is cheating on his/her husband/wife they are less trusting of there spouse. Why do you think the Government here and in the UK is so paranoid? I think its because of everything they have done to us and to others without the people of the country knowing. I think the goverment breaks more rules then the people. At what point are people going to have enough? I’m amazed that everyone in the USA are still living life like this day after day. How blind can you really be? Watch… wikileaks is going to start wwIII

  20. Have you noticed that electing officals into the US office is like gambling. The turn out is always the same and you never really win. I’ve lost all faith in human kind b/c of how stupid you all are for letting things get this screwed up. Way to go America, your a bunch of lazy idiots. Its like somewhere a long the line humanes lost the capability to learn from mistakes. Wheres leadership outside of government? Your all being preached to from your electeds. Your elected knows how screwed this system is and wants to cash in. No matter what side. Its loike the USA and its citezens are in a bad marraige and your all to big of pussies to call it quits. Youd rather put up with the lieing and cheating the putting forth an effort to fix things.

  21. the greatest thing Bush did was shorten our tolerance for Evil from 5 years to 2.

    The things that defined W’s presidency are still there: Gitmo, the PATRIOT Act, undeclared wars, insane HLS policies, insane TSA policies, telecom backroom deals, Haliburton military contracts, Blackwater operatives on our payroll.

    The only differences I’ve seen is a reduction in employment, a housing bubble burst, an expansion of government control, increased spending and hot air that actually makes grammatical sense. Oh and he’s put a gun to the heads of the insurance companies to provide insurance regardless of whether or not it makes fiscal sense and a gun to ours to purchase insurance whether or not we want it.

  22. I mean, god, it’s like 8 years of Bush got us to the point where all we wanted in a president was proper diction and the ability to lie to us convincingly. it’s like going through a bad relationship and then wanting so badly to believe that your new S.O. is a much better person, and so you give them way too much benefit of the doubt, have your heart broken twice in quick succession, and become completely disillusioned and bitter about the entire process.

  23. Let me air my opinion: encryption is never a crime, no matter what. Guns aren’t illegal. Using them to commit a crime is.

    No human is illegal.

    The most secure encryption method is the one-time-pad. Public/Private key encryption is useful for exchanging keys — and thus messages — over an unsecured channel; It’s far more secure for each party to have (for example) a same-printing same-edition New World Encyclopedia as a shared key matrix, or printed tables of logarithms, or regional property values, or the intervals of a thick-soled-boot-wearing stomper, or the digital values of the nth sector of a Riverdance CD. No eavesdropper can ever get or know the key without seizing one end or the other in the act.

    It’s an idea – one that will recur and be independently arrived at no matter how draconian the government becomes in an attempt to put the genie back in the bottle.

    1. I think that at bottom you are correct: it seems that technically, the “strong encryption boat” has already long since sailed into public waters, and it seems that it won’t be coming back to Government Harbor.
      So the mathematicians seem to say.
      So…why pass a Law that is foredoomed to be ineffective?
      That would be a waste of ink, never mind the monies used in attempting to enforce or actually use it.

      Passing pointless laws – that is, unenforceable laws – is one thing that no State can long afford to do. If, that is, it wishes to maintain its credit in and with the world.

  24. Governments have no trust in there own people or other countries. Its been a snowball effect between them and everyone else since around 1914. Soon something will happen. It will reside over us a short time. The world will cry out “Peace at last!”, and then the end will come.

  25. the major problem i see with this is that it would put a mandatory backdoor that could be exploited by anyone able to crack in or sneak in

    why would you punch a hole in your roof for one person and think it would be safe from others trying to sneak a peek

  26. Tainting with encryption will put us more in risk than anything else. We depend on encryption for everything, from bank transactions to website registration. When (and not IF) the master key becomes public we are f**k*d.

  27. I’m starting to agree with the right wingers/conspiracy nuts. Obama has to be a “Sell out” over this and his steadfast refusal to legalize marijuana.

    First, this is a clear violation of the “Fifth amendment”. If the FBI/CIA whatever eavesdrops on a conversation, that’s one thing, but if they think they have a right to demand the “Keys” should knowing the abuse of this power most people get “Encryption”, it’s another matter. Their demand to search and look and spy is in pursuit of a crime and demanding people un-encrypt their files is demanding a person provide evidence against themselves.

    And it won’t be just for terrorists or pedophiles. The law regularly spies on peaceful protest groups and then makes sure there’s random arrests and planting of agents to incite violence in the groups to disrupt and frame them.

    The second part is that if the government is involved in encryption it’s going to FAIL MISERABLY. Won’t be a day before a hacker cracks it and posts the key everywhere, unless he’s a criminal (for $ type) who’ll then use it for personal gain. And, even if it’s slightly hard to break, the governments full of traitors and politically allowed spies. Aldritch Ames. Chinese “Scientists”, Israeli “Ambassadors”. They’d take the keys and both use and SELL them all over.

  28. Does this remind anyone of the US’s law that made it illegal to export non-crippled encryption algorithms to anyone outside the states in the 90s. The only effect that had was to encourage development and sales for the encryption community around the rest of the world as no country/organisation is going to use an encryption algorithm it knows a foreign government can decrypt without effort.

    The only people that will be affected by this are law abiding citizens who want to keep their files private, the criminals using encryption aren’t stupid and they can use the internet well enough to discover whether their encryption algorithm has a backdoor that will allow the US government to spy on them.

  29. Two points:
    1) Most encryption software of quality, is open source – so the well informed user can check it for security holes and compile it themselves, subsequently having no need to trust a 3rd party. Any “back door” will soon be found and closed in FOSS.

    2) Cryptography is a branch of mathematics and therefore falls into the category of “the laws of nature”. It pretty pointless trying to rewrite the laws of nature, and tends to result in disappointment and embarassment for those who try.

    Do the FBI think they can, on a global level, prevent distribution of encryption source code or the study of a branch of mathematics? The phrase “pissing into the wind” springs to mind.

  30. I’m reminded of CipherSaber. The main page is currently down, but the FAQ is up http://ciphersaber.gurus.org/faq.html

    Learn to write your own encryption program!

    from the CipherSaber FAQ (last revised in 2003):
    Resistant to suppression: They can’t take CipherSaber away from you. The U.S. Congress is seriously considering banning the distribution of strong encryption systems that block government access to plaintext, such as PGP. The head of the FBI wants the ban to apply even within the United States. The same law might even ban the distribution of CipherSaber programs, but the knowledge needed to write ones own CipherSaber would be much harder to suppress.

  31. Welcome to the USSA the United Soviet States of Amerika. I use a concept called encryption layering. Even if one or two of the programs have backdoors then the information stays out of enemy’s hands. I.E. the USSA govenment.

Comments are closed.