|
Kryptos
Stranger

Registered: 11/01/14
Posts: 12,263
Last seen: 1 hour, 10 minutes
|
Proposed bill to include "security backdoor" for the government 1
#26535694 - 03/14/20 11:43 PM (3 years, 10 months ago) |
|
|
https://www.eff.org/deeplinks/2020/03/earn-it-bill-governments-not-so-secret-plan-scan-every-message-online
Quote:
Imagine an Internet where the law required every message sent to be read by government-approved scanning software. Companies that handle such messages wouldn’t be allowed to securely encrypt them, or they’d lose legal protections that allow them to operate.
That’s what the Senate Judiciary Committee has proposed and hopes to pass into law. The so-called EARN IT bill, sponsored by Senators Lindsay Graham (R-SC) and Richard Blumenthal (D-CT), will strip Section 230 protections away from any website that doesn’t follow a list of “best practices,” meaning those sites can be sued into bankruptcy. The “best practices” list will be created by a government commission, headed by Attorney General Barr, who has made it very clear he would like to ban encryption, and guarantee law enforcement “legal access” to any digital message.
The EARN IT bill had its first hearing today, and its supporters’ strategy is clear. Because they didn’t put the word “encryption” in the bill, they’re going to insist it doesn’t affect encryption.
“This bill says nothing about encryption,” co-sponsor Sen. Blumenthal said at today’s hearing. “Have you found a word in this bill about encryption?” he asked one witness.
It’s true that the bill’s authors avoided using that word. But they did propose legislation that enables an all-out assault on encryption. It would create a 19-person commission that’s completely controlled by the Attorney General and law enforcement agencies. And, at the hearing, a Vice-President at the National Center for Missing and Exploited Children (NCMEC) made it clear [PDF] what he wants the best practices to be. NCMEC believes online services should be made to screen their messages for material that NCMEC considers abusive; use screening technology approved by NCMEC and law enforcement; report what they find in the messages to NCMEC; and be held legally responsible for the content of messages sent by others.
You can’t have an Internet where messages are screened en masse, and also have end-to-end encryption any more than you can create backdoors that can only be used by the good guys. The two are mutually exclusive. Concepts like “client-side scanning” aren’t a clever route around this; such scanning is just another way to break end-to-end encryption. Either the message remains private to everyone but its recipients, or it’s available to others.
The 19-person draft commission isn’t any better than the 15-person commission envisioned in an early draft of the bill. It’s completely dominated by law enforcement and allied groups like NCMEC. Not only will those groups have a majority of votes on the commission, but the bill gives Attorney General Barr the power to veto or approve the list of best practices. Even if other commission members do disagree with law enforcement, Barr’s veto power will put him in a position to strongarm them.
The Commission won’t be a body that seriously considers policy; it will be a vehicle for creating a law enforcement wish list. Barr has made clear, over and over again, that breaking encryption is at the top of that wish list. Once it’s broken, authoritarian regimes around the world will rejoice, as they have the ability to add their own types of mandatory scanning, not just for child sexual abuse material but for self-expression that those governments want to suppress.
The privacy and security of all users will suffer if U.S. law enforcement is able to achieve its dream of breaking encryption. Senators should reject the EARN IT bill.
Wasn't there a whole big thing about Huawei being unsafe because they had a Chinese government backdoor? Guess they beat us there, too!
|
SirTripAlot
Semper Fidelis



Registered: 01/11/05
Posts: 7,459
Loc: Harmless (Mostly)
Last seen: 16 minutes, 7 seconds
|
Re: Proposed bill to include "security backdoor" for the government [Re: Kryptos] 1
#26536108 - 03/15/20 07:55 AM (3 years, 10 months ago) |
|
|
Georgie Orwell would be proud. I am not opposed to some of the concepts here.....but it looks like the committee is entirely law enforcement..... who brings forth privacy concerns?
We all know Bill Barr has the upmost concern for the US populace
-------------------- “I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.”
|
Kryptos
Stranger

Registered: 11/01/14
Posts: 12,263
Last seen: 1 hour, 10 minutes
|
Re: Proposed bill to include "security backdoor" for the government [Re: SirTripAlot]
#26536440 - 03/15/20 11:12 AM (3 years, 10 months ago) |
|
|
Quote:
SirTripAlot said: I am not opposed to some of the concepts here
...really?
|
SirTripAlot
Semper Fidelis



Registered: 01/11/05
Posts: 7,459
Loc: Harmless (Mostly)
Last seen: 16 minutes, 7 seconds
|
Re: Proposed bill to include "security backdoor" for the government [Re: Kryptos]
#26536520 - 03/15/20 11:53 AM (3 years, 10 months ago) |
|
|
In the interest of national security...now those words gets tossed around to justify just about everything but that doesn't mean it is unimportant to have some mechanism to address this. As this is spearheaded by law enforcement it will likely go down the road where anything can be used to un encrypt.
-------------------- “I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.”
|
Kryptos
Stranger

Registered: 11/01/14
Posts: 12,263
Last seen: 1 hour, 10 minutes
|
Re: Proposed bill to include "security backdoor" for the government [Re: SirTripAlot] 1
#26536574 - 03/15/20 12:24 PM (3 years, 10 months ago) |
|
|
Quote:
SirTripAlot said: ...some mechanism to address this...
The only possible mechanism to address end-to-end encryption is an "official" backdoor.
Now, considering that this is an officially known security flaw, how long will it take the kinds of people that crack videogames that have millions of dollars in anti-piracy development within a day to crack the official backdoor?
This is the virtual equivalent of having to have a separate lock on your front door, so that the person with the official government key can get in whenever for national security. And if they've got the official key, they're official, right? No way they've stolen it?
|
Enlil
OTD God-King




Registered: 08/16/03
Posts: 65,499
Loc: Uncanny Valley
|
Re: Proposed bill to include "security backdoor" for the government [Re: Kryptos] 2
#26536589 - 03/15/20 12:35 PM (3 years, 10 months ago) |
|
|

Once there's a backdoor, it will only be a matter of days (at most) before someone reverse engineers the software to determine the backdoor. Once that happens, the backdoor becomes public knowledge which completely removes all benefit of encryption.
They might as well outlaw encryption, because it will be instantly obsolete.
-------------------- Censoring opposing views since 2014. Ask an Attorney Fuck the Amish
|
SirTripAlot
Semper Fidelis



Registered: 01/11/05
Posts: 7,459
Loc: Harmless (Mostly)
Last seen: 16 minutes, 7 seconds
|
Re: Proposed bill to include "security backdoor" for the government [Re: Kryptos]
#26536620 - 03/15/20 12:58 PM (3 years, 10 months ago) |
|
|
Those are fair points, maybe I need to think about it more. Do you really think that this backdoor has yet to be created? I would think one already exists. If it is created how would we know or not know?
-------------------- “I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.”
|
Enlil
OTD God-King




Registered: 08/16/03
Posts: 65,499
Loc: Uncanny Valley
|
Re: Proposed bill to include "security backdoor" for the government [Re: SirTripAlot] 2
#26536634 - 03/15/20 01:04 PM (3 years, 10 months ago) |
|
|
Well, it's certainly possible it exists, but there are an awful lot of hackers out there who reverse engineer the shit out of this stuff. Any of the major encryption software have already been looked over pretty heavily.
Besides, why work so hard to pass the bill if it already exists? Why draw attention to it at all?
-------------------- Censoring opposing views since 2014. Ask an Attorney Fuck the Amish
|
Kryptos
Stranger

Registered: 11/01/14
Posts: 12,263
Last seen: 1 hour, 10 minutes
|
Re: Proposed bill to include "security backdoor" for the government [Re: SirTripAlot]
#26537201 - 03/15/20 06:42 PM (3 years, 10 months ago) |
|
|
Quote:
SirTripAlot said: Those are fair points, maybe I need to think about it more. Do you really think that this backdoor has yet to be created? I would think one already exists. If it is created how would we know or not know?
If it existed we'd know about it. Again, Huawei just hinting at the possibility of a CCP backdoor caused an international brouhaha not long ago.
|
SirTripAlot
Semper Fidelis



Registered: 01/11/05
Posts: 7,459
Loc: Harmless (Mostly)
Last seen: 16 minutes, 7 seconds
|
Re: Proposed bill to include "security backdoor" for the government [Re: Kryptos]
#26537283 - 03/15/20 07:30 PM (3 years, 10 months ago) |
|
|
If Hauwei hinted at it, and caused a stir, thats means people were speculating about its existence. Anything of that value would be one of closest government/corporate secrets, ever.
Huawei supposedly has ties to Chinese intelligence agencies; given the social credit system in China, yikes, that does seem crazy to me. They got the data plan or 5g.
-------------------- “I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.”
|
Kryptos
Stranger

Registered: 11/01/14
Posts: 12,263
Last seen: 1 hour, 10 minutes
|
Re: Proposed bill to include "security backdoor" for the government [Re: SirTripAlot] 1
#26538698 - 03/16/20 02:14 PM (3 years, 10 months ago) |
|
|
Quote:
SirTripAlot said: If Hauwei hinted at it, and caused a stir, thats means people were speculating about its existence. Anything of that value would be one of closest government/corporate secrets, ever.
Agreed, and it would stay secret for all of ten minutes. Especially considering this would be a law passed in congress.
Quote:
SirTripAlot said: Huawei supposedly has ties to Chinese intelligence agencies; given the social credit system in China, yikes, that does seem crazy to me. They got the data plan or 5g.
Now replace that with "Apple" and "CIA", and does that suddenly sound any better? You want the MKULTRA guys checking out everything you send?
As for 5g, that's mostly unrelated. The US doesn't have 5g because there's no reason to upgrade the infrastructure. Most Americans don't get a choice of data, so they just suck it up and deal with the crumbling infrastructure and shit-tier internet. Much like healthcare, we pay the most for internet and our internet is some of the worst in the world.
|
|