- These high school theater kids put on a totally awesome ‘Alien’ play Saturday 3:59 PM
- Behold these photos of Elon Musk, but with Elizabeth Holmes’ eyes Saturday 3:11 PM
- Barbra Streisand gets canceled over remarks about Michael Jackson’s alleged victims Saturday 2:09 PM
- Report: Florida man raped Texas teen after posing as Instagram celeb Saturday 12:14 PM
- Lori Loughlin’s daughters, Olivia and Isabella, could be banned from USC forever Saturday 11:46 AM
- ‘Starfish’ is a heartbreaking tale of BFFs, grief, and apocalyptic alien invasions Saturday 10:35 AM
- How to stream UFC Fight Night 148 for free Saturday 10:00 AM
- The kids are making scantron memes instead of studying Saturday 9:29 AM
- Every installment of Hulu’s ‘Into the Dark,’ ranked Saturday 6:00 AM
- The internet is mocking Robert Mueller’s report deadline Friday 7:53 PM
- Instagram blocks some anti-vax hashtags—but still has far to go Friday 6:20 PM
- Study: Netflix released more originals than licensed titles last year Friday 2:26 PM
- Laura Ingraham, Dinesh D’Souza slam journalist for having a job Friday 1:40 PM
- Netflix is testing a cheap-as-hell mobile-only plan Friday 1:08 PM
- Astrology app Co-Star’s bizarre push notifications are now a meme Friday 12:18 PM
FBI slammed on Capitol Hill for ‘stupid’ ideas about encryption
The crypto wars are heating up.
A new crypto war is underway.
At a hearing in Washington, D.C., on Wednesday, the FBI endured outright hostility as both technical experts and members of Congress from both parties roundly criticized the law enforcement agency’s desire to place so-called backdoors into encryption technology.
Amy Hess, the FBI’s executive assistant director for science and technology, reiterated to the House Committee on Oversight & Government Reform the bureau’s decades-old fear of “going dark” because encryption will make criminal investigations more difficult.
“We’re certainly not going to go dark,” Rep. Jason Chaffetz (R-Utah) responded. “And in many ways we’ve never been brighter.”
“Creating a technological backdoor just for good guys is technologically stupid,” said Rep. Ted Lieu (D-Calif.), a Stanford University computer science graduate. “That’s just stupid.”
Lieu blamed the NSA’s vast surveillance apparatus, saying the agency “violated the Fourth Amendment rights of every American for years” and has caused a vast public reaction.
“Our founders understood that an Orwellian overreaching government is one of the most dangerous things this world could have,” Lieu said.
When asked if the FBI ever tracks Americans’ geolocation without a warrant, Hess reluctantly answered yes but declined to provide details to the public despite Chaffetz encouraging her to do so.
The FBI obtains historical cell tower geolocation records, cell tower dumps, and uses Stingrays, all without a warrant.
— Christopher Soghoian (@csoghoian) April 29, 2015
But, also, DOJ pretty clearly gets at least site/sector level geolocation data without a warrant.
— Julian Sanchez (@normative) April 29, 2015
Hostility to Hess came from multiple angles, including from Rep. Blake Farenthold (R-Texas), who said he sees no practical way to implement the FBI’s proposal of encryption backdoors. He predicted other countries would become havens and provide strongly encrypted phones, creating a black market for encryption that would be difficult or impossible to control.
Farenthold asked the panel of witnesses if anyone thought it was possible to build a technically secure “golden key.” No one raised their hands.
Hess emphasized that the FBI “fully supports encryption” and even said it was good advice for people to encrypt cellphones. Hess echoed Massachusetts District Attorney Daniel Conley and Rep. Robin Kelly (D-Illinois), who said, “there is a balance to be struck here.”
The technical experts and almost every other congressperson didn’t think the balance proposed by the FBI was possible from technical, legal, and policy perspectives.
“I, for one, am not willing to give up every bit of privacy for security; so how do we find that balance?” Chaffetz asked. “It’s impossible to build a backdoor for just the good guys. I worry about unintentional vulnerabilities.”
Conley made the most colorful remarks of the day, including saying that he didn’t believe technical experts who said building backdoors is impossible.
“Did John Kennedy say we couldn’t go to the moon?” Conley asked. “He said no, we’re going to go because it’s the hard thing to do.”
“I’m a proud and patriotic American, too,” Farenthold responded. “But maybe the proper analogy would be if Kennedy said ‘We’re going to go the moon and no one else is ever going to go. Ever.’”
Conley cited upskirt photos, child pornography, and even the Boston Marathon bomber criminal case as reasons to forbid encryption without a backdoor, though he didn’t provide support in his brief remarks.
Leiu took exception to those remarks and said he was offended by Conley’s assertions. Conley then proposed that a backdoor be implemented on personal devices but corporate networks be allowed to keep strong encryption with no “golden keys.”
The state of computer security is “an emerging national crisis,” Matthew Blaze, a professor of information science at the University of Pennsylvania, said. And strong encryption is one of the few solutions in existence.
The FBI’s ideas would “weaken our infrastructure,” Blaze insisted. “The ultimate beneficiaries are criminals and rival nation states.”
“The FBI’s proposal to require encryption backdoors is a threat to fundamental human rights of privacy and free expression,” Carey Shenkman, a human rights and technology lawyer, told the Daily Dot. “That is the reason why free speech and privacy organizations around the world, including [United Nations] experts, adamantly say ‘no’ to backdoors.”
“Back doors also are counterproductive—they undermine our safety, because they put holes in systems that any attacker or hacker can exploit,” Shenkman added. “And, they make our businesses less competitive because other markets will not trust U.S. digital exports.”
Update 9:29am CT, April 30: Video of the hearing added.
Illustration by Max Fleishman
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.