- Man dragged for recording, posting video of neighbor being ‘killed’ instead of helping Saturday 4:14 PM
- How to stream Saints vs. Bears in Week 7 Saturday 3:25 PM
- How to stream Seahawks vs. Ravens in Week 7 Saturday 3:25 PM
- Are TikTok teens throwing up gang signs in their videos? Saturday 2:45 PM
- Anti-impeachment protesters believe ‘deep state’ tried to sabotage rally Saturday 12:51 PM
- How to stream 49ers vs. Redskins in Week 7 Saturday 12:00 PM
- How to stream Cardinals vs. Giants in Week 7 Saturday 12:00 PM
- How to stream Packers vs. Raiders in Week 7 Saturday 12:00 PM
- How to stream Vikings vs. Lions in Week 7 Saturday 12:00 PM
- How to stream Rams vs. Falcons in Week 7 Saturday 12:00 PM
- Billie Eilish fans think they figured out who stole her ring Saturday 11:32 AM
- ‘Give me candy’: Hailey Bieber mocked for defense of celebrating Halloween as a Christian Saturday 10:28 AM
- Aaron Paul predicted Jesse Pinkman’s fate on Reddit years ago Saturday 8:53 AM
- Netflix’s ‘Eli’ is a satisfyingly nasty blend of haunted houses and medical horror Saturday 7:00 AM
- Why 8chan’s founder is fighting to keep the infamous message board dead Saturday 6:30 AM
Newly leaked emails show how technology advisers on Hillary Clinton’s campaign discussed and debated the issue of encryption following 2015’s deadly terrorist attacks in Paris and San Bernardino, California.
At the Democratic primary debate on Dec. 20, 2015, Clinton called for a “Manhattan-like project” to solve law enforcement’s issues with popular encryption. Teddy Goff, a Clinton tech adviser, took issue with how the candidate approached the topic, criticizing her language and calling specific lines in which she admits to not knowing enough about the technology “cringe-y.”
Clinton’s line about law enforcement breaking into encrypted data was also criticized by Goff.
Sara Solow, another Clinton tech adviser, described another tactic that would narrowly target users of encryption.
“Couldn’t we tell tech off the record that she had in mind the malware/key strokes idea (insert malware into a device that you know is a target, to capture keystrokes before they are encrypted). Or that she had in mind really super code breaking by the NSA. But not the backdoor per se?” Solow wrote in the December 2015 email.
Solow seems to be referring to targeting a device (like a phone) to eavesdrop on data instead of targeting the data once it’s transferred. This approach can preempt encryption, rendering it effectively useless in the face of a highly targeted attack from, say, the FBI.
That’s why the United Arab Emirates recently attempted to install malware on a human rights’ activists iPhone. The activist uses encrypted technology, which would have been useless if the malware was successfully installed.
The U.S. government is already engaged in “quiet” conversations with Silicon Valley firms about this issue, according to Marcell Lettre, the under secretary of defense for intelligence at the Pentagon. The targeting option was held up as a preferred approach to encryption backdoors—weaknesses in encryption code that let knowing eavesdroppers in—which have been officially ruled off the table by the White House.
Because encryption was such a focal point around the world in December 2015, Clinton’s points made waves around the world when she spoke about issue in the primary debate. In the time since, the Democratic presidential nominee has backed the creation of a congressional commission on the issue.
Maybe most telling of all is that the Clinton campaign now uses Signal, an encrypted messaging app that’s considered a gold standard of security.
Here’s the full email from Goff laying out his views in a plainspoken manner not normally seen by the public.
i think it was fine, a solid B/B+. john tells me that he has actually heard nice things from friends of ours in SV, which is rare! i do think that “i would not want to go to that point” got overshadowed in some circles by the “some way to break in” thing — which does seem to portend some sort of mandate or other anti-encryption policy, and also reinforces the the ideological gap — and then, more atmospherically, by the manhattan project analogy (which we truly, truly should not make ever again — can we work on pressing that point somehow?) and the cringe-y “i don’t understand all the technology” line, which i also think does not help and we should avoid saying going forward.
speaking of not understanding the technology, there is a critical technical point which our current language around encryption makes plain she isn’t aware of. open-source unencrypted messaging technologies are in the public domain. there is literally no way to put that genie back in the bottle. so we can try to compel a whatsapp to unencrypt, but that may only have the effect of pushing terrorists onto emergent encrypted platforms.
i do think going forward it will be helpful to be able to refer to her having pledged not to mandate a backdoor as president. but we’ve got to iron out the rest of the message. i actually do believe there is a way to thread the needle here, which i am happy to discuss; it requires us to quickly pivot from encryption to the broader issue of working with tech companies to detect and stop these people, and not getting into the weeds of which app they happen to use and that sort of thing.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.