Unless I misinterpreted his remarks, what Obama *actually* said was that taking "absolutist" positions will come back to bite either side when the day comes where something much more life-and-death (as opposed to this current frivolous case) comes along -- he said that *public opinion* and congressional action on this issue would shift significantly if that happened. In that, he is correct.
The White House has, in my view, taken the wrong side in this debate, but he's correct in that people who are pro-encryption are having a tough time selling this to Ma and Pa Mainstream even in the ridiculously weak example case we have before us (re: San Bernardino), never mind the day when we think someone has nuke codes or the FBI claims that the iPhone is the only way to save some kidnapped sick child or some such.
As Edward Snowden (and likewise Professor Landau at the congressional hearing) said, the FBI needs to stop relying on decryption as a crutch and engage in finding their own methods to exploit flaws that currently exist. Pengu did it, and the FBI could not? A sad comment on the competence of that agency these days.
1. The TSA master key that opens up every TSA lock that protect your luggage can now be printed out by anyone with a 3d printer since the instructions for doing so are in public. So your TSA locks no longer protect you from any thief since any thief can easily make their own copy of the key. No wonder airport employees steal your belongings from your baggage. They have the master key. Now anyone can have the key.
2. As noted on some online articles, the master key to every New York City elevator is for sale on eBay and states outside of New York. It may be illegal to carry with you in New York. But what thief who wants access to every floor in every apartment, hotel, or building in New York wouldn't want to buy one for a few bucks in New Jersey or on eBay? Every building with an elevator in New York is now accessible to thieves and other crooks - including terrorists.
3. The lawmakers and police applauded Apple for locking up the iPhone with security. This stopped many iPhone users from being assaulted or killed by thieves who wanted their iPhones. This reduced the rate of crime significantly in big cities like New York. But now, if Apple is forced to create a back door to iOS, this will immediately be accessible to thieves. And the rate of assaults on iPhone users will once again go up. Obviously, since Android users have no security, they are already the targets of assaults and theft.
So much for keeping the backdoor private. So much for the idea of keeping the public safe.
Backdoors completely blow open any idea of safety or privacy and make you more easily victimized.
While I may disagree with Obama's position, he should be "tone deaf" on this and any other issue. The article says:
"It was tone deaf," Issa reportedly said. "He did not read the room in that portion of the answer. There's just no way to create a special key for government that couldn't also be taken advantage of by the Russians, the Chinese, or others who want access to the sensitive information we all carry in our pockets everyday."
So according to Issa, Obama should have shaped his message for the audience. No he shouldn't have. When you shape the message for the people in the room, that's called pandering. We hate when politicians do that because it's essentially a lie. Obama told the truth probably knowing that the audience would disagree. That's what he should do.
I suspect that Obama actually believes in encryption but can't risk alienating the entire security apparatus and he also probably doesn't want to make it an issue that the Republican presidential candidates can use - that "Democrats are weak on security and willing to let terrorists communicate freely."
"Congress and the people of the USA are right when they agree with him."
The "people of the USA" do not agree with him.
Judging by the rest of the message, I dare say that Roake meant that Obama considers that Congress and the people are right when they agree with him. (And they're wrong when they don't.) It's hard to know what "the people" think of this. I do believe that Obama's supporters trust him so much that they'll agree with him no matter what it is.
I'm an Obama supporter and I thoroughly disagree with him on this.
Our only safety net for data protection is encryption and it has to be unbreakable, no middle ground, otherwise, it would be better not to have it at all. It is worse to have a false sense of security, which can be exploited by governments and hackers.
I think the discussion about "balance" needs to be between the benefits and disadvantages of unbreakable encryption. The benefit of unbreakable encryption is that it provides protection for millions of low abiding Americans and allows the internet to thrive. On the negative, it also allows criminals to keep their communication private and in some cases, they could get away with crimes. But on balance, America benefits more from having unbreakable encryption than not. I think America needs to make a decision on this. It should not be left to few individuals like Obama or Comey.
I think Congressman Issa would be great as Chief of the FBI.
If law enforcement could protect the public from identity theft and getting data stolen – personal and public data– then end-to-end encryption would not be necessary. But they can't. So it is.
In other words, we have to protect our highly personal private data ourselves, because the gov't cannot do it for us.
The FBI and DoJ treating Apple like a criminal – by not notifying Tim Cook in advance of filing court orders, then running a massive PR effort on talk shows and in the Press vilifying Apple and besmirching their reputation is, ironically, a perfect example of why the public cannot trust government.
The argument for breaking the public's private encryption is that it makes it too inconvenient for law enforcement?
This argument is akin to law enforcement having to accept the inconvenience of pesky little barriers like Habeas corpus, reading Miranda rights, getting a warrant first, and not having unfettered stop and frisk "without cause"?
The awful truth is, most law enforcement agencies do not prevent crime. They investigate crime AFTER the fact. The FBI's agenda here is essentially to make their investigations easier so they can prosecute criminals. It's always been hard. But just like the concept of 'innocent until proven guilty', the right to privacy and the right to self-defense are inherent 'absolute' rights.
These laws have been inconvenient truths for law enforcement – but somehow they do their jobs anyway, don't they?
While I may disagree with Obama's position, he should be "tone deaf" on this and any other issue. The article says:
"It was tone deaf," Issa reportedly said. "He did not read the room in that portion of the answer. There's just no way to create a special key for government that couldn't also be taken advantage of by the Russians, the Chinese, or others who want access to the sensitive information we all carry in our pockets everyday."
So according to Issa, Obama should have shaped his message for the audience. No he shouldn't have. When you shape the message for the people in the room, that's called pandering. We hate when politicians do that because it's essentially a lie. Obama told the truth probably knowing that the audience would disagree. That's what he should do.
I suspect that Obama actually believes in encryption but can't risk alienating the entire security apparatus and he also probably doesn't want to make it an issue that the Republican presidential candidates can use - that "Democrats are weak on security and willing to let terrorists communicate freely."
Obama thinks he can "split the difference" and come to a political compromise. There is no compromise possible when math is involved. It's either secure encryption or it isn't.
I want to expand on an issue that chasm discussed in his comments above.
I have supported Apple’s stance on this issue from the very
beginning, and I continue to support Apple.
My support is based on the idea that we should never be comfortable with
the government’s routine intrusion into our private lives, and on more
pragmatic business-related concerns of setting such a precedent. We have to
fight such requests in order to find the right solution.
But now the comments from some folks are beginning to worry
me. I’m worried because I’m seeing
arguments that are based on the notion that an absolutist position is justified
in this situation. Extreme positions
bother me because the background influence of our passions, biases, and
self-interest means that we humans aren’t as smart as we think we are. So I think it’s a good idea to question this
notion that an absolutist position is justified.
Access to encrypted data is unlike most other issues that
involve the intersection between our rights as individuals and the government’s
desire to be intrusive. With most issues
of this type there’s usually an option to change our attitude, reverse our
policies, or modify our laws based on experience over time. But no legislation can give us access to
information that’s protected by strong encryption and certain password handling
procedures. What if that situation occurred in the setting of something that
absolutists believe is impossible? What if that situation occurred in a
situation that has noting in common with issues like crime or terrorism? What if we’re completely unable to gain
access to information regarding an existential threat?
Terrorism is unlikely to be an existential threat in the
near future. The loss of several
thousand lives is tragic, but it’s obviously not a threat to our very existence
as a complex society. So I think that
preserving our right to privacy is so fundamental that it may be an acceptable
trade-off if thousands of people lose their lives in a terrorist attack, and
preventing the attack wasn’t possible because of the inability to gain access
to to encrypted data
In contrast, the loss of hundreds of millions of lives and
catastrophic infrastructure damage doesn’t seem to be an acceptable outcome to
protect the rights of any individual or group.
From a big picture perspective, the terrorism scenario is
close to an extreme because it isn’t a convincing reason for
the government to trample over our right to privacy. However, it is far more likely than the other
extreme scenario of an existential threat (unrelated to criminal or terrorist
activity) that causes massive devastation. Most people would consider protection from such a scenario to be a justification for a privacy intrusion by the government, but I’m not suggesting that we will ever have to face such a scenario. My point in setting those 2 extremes is that
reasonable people should be able to see that the cut-off point for what is acceptable
intrusion by a government may involve threats somewhere on that spectrum, and
has to be based on a variety of factors. The challenge is that absolutism about
data encryption today limits the option to consider those factors in the future,
if being locked out of a data source renders discussion entirely useless.
It’s clear that most of us, myself included, are highly
suspicious of the motivations of our government. But is the human activity of government
inherently abusive or evil? The
well-documented examples of wide-spread corruption and the abuse of power by units
of governments (including our own NSA) or individuals within a government are
manifestations of human nature. That’s
obviously why we need checks on the power of the government. But let’s not forget that one of the most
important roles of a government is to protect us from each other and from threats
that no individual or group can resist.
An absolutist position that restricts the government means
that we will prevent both governmental abuse of citizens and the ability of the
government to protect us from a wide range of threats. So unless we use our brains to restrain our
natural tendencies we will probably fail to see the unintended but harmful
consequences of insisting on binary options for solving societal problems of
this unique type.
Do I take an absolutist position about what I wrote? No I
don’t. This is my perspective based on what I know or believe as of right
now. I’m willing to alter my opinion in
the face of logical arguments and/or supporting data. All I’m saying is that we should take Tim
Cook’s lead and make this type of government intrusion very difficult, but not
impossible. That means being willing to set aside our impulse to consider our
privacy to be so precious that nothing else is worth considering. We should
think about all meanings of the words “safety” and “security”.
Our only safety net for data protection is encryption and it has to be unbreakable, no middle ground, otherwise, it would be better not to have it at all. It is worse to have a false sense of security, which can be exploited by governments and hackers.
I think the discussion about "balance" needs to be between the benefits and disadvantages of unbreakable encryption. The benefit of unbreakable encryption is that it provides protection for millions of low abiding Americans and allows the internet to thrive. On the negative, it also allows criminals to keep their communication private and in some cases, they could get away with crimes. But on balance, America benefits more from having unbreakable encryption than not. I think America needs to make a decision on this. It should not be left to few individuals like Obama or Comey.
I think Congressman Issa would be great as Chief of the FBI.
I think whomever fills the position of head of the FBI looks at the issue from that position, rather than viewing things from the point of view of a constitutionalist. Once a culture is established in an organization or business it's pretty much locked until there is a top-to-bottom rout and restructuring of its core mission.
There is no compromise possible when math is involved. It's either secure encryption or it isn't.
It is not the encryption that is preventing the FBI from getting at the data, it is the auto wipe feature which doesn't involve encryption at all. Encryption keys vary in strength. The larger the key size the stronger it is. All encryption can be broken by brute force...eventually. There are also various types of encryption such as AES, RSA and different algorithms such as Elliptic Curve and Symmetrical which offer varying degrees of protection. I believe Apple uses 256 AES on iOS, which is on the strong side but certainly not absolute.
There is no compromise possible when math is involved. It's either secure encryption or it isn't.
It is not the encryption that is preventing the FBI from getting at the data, it is the auto wipe feature which doesn't involve encryption at all. Encryption keys vary in strength. The large the key size the stronger it is. All encryption can be broken by brute force...eventually. There are also various types of encryption such as AES, RSA and different algorithms such as Elliptic Curve and Symmetrical which offer varying degrees of protection. I believe Apple uses 256 AES on iOS, which on the strong but certainly not absolute.
I consider the 10 and delete and time delays between tries as part of the data protection scheme, which equal in relevance to encryption. Encryption protects the data itself, but the 10 and delete and time delays makes it more difficult to attack the encryption layer in the first place for the regular joe. The US Govt needs to figure ways around it and should be able to. But it is easier for them to use the courts to pressure Apple and set a precedence. The FBI is totally useless. Once they succeed at coercing Apple to remove the 10 and time delays, it will move on to the encryption itself and there is no stopping. This is a very steep slippery slope.
1. The TSA master key that opens up every TSA lock that protect your luggage can now be printed out by anyone with a 3d printer since the instructions for doing so are in public. So your TSA locks no longer protect you from any thief since any thief can easily make their own copy of the key. No wonder airport employees steal your belongings from your baggage. They have the master key. Now anyone can have the key.
2. As noted on some online articles, the master key to every New York City elevator is for sale on eBay and states outside of New York. It may be illegal to carry with you in New York. But what thief who wants access to every floor in every apartment, hotel, or building in New York wouldn't want to buy one for a few bucks in New Jersey or on eBay? Every building with an elevator in New York is now accessible to thieves and other crooks - including terrorists.
3. The lawmakers and police applauded Apple for locking up the iPhone with security. This stopped many iPhone users from being assaulted or killed by thieves who wanted their iPhones. This reduced the rate of crime significantly in big cities like New York. But now, if Apple is forced to create a back door to iOS, this will immediately be accessible to thieves. And the rate of assaults on iPhone users will once again go up. Obviously, since Android users have no security, they are already the targets of assaults and theft.
So much for keeping the backdoor private. So much for the idea of keeping the public safe.
Backdoors completely blow open any idea of safety or privacy and make you more easily victimized.
While I agree with the general thrust of your argument, in general, you don't need a key to operate NYC elevators. Certain floors of some hotels may require a key for access and sometimes a special suite or the penthouse of an office or apartment building, but in general, you just walk in and press a button. What a key would permit one to do is to shut the elevator off or override someone calling for the elevator. The keys are used by the fire department during emergencies so they can quickly get to any floor. They're also used during elevator inspections. And in any building that does require a key to operate the elevator, they're also highly likely to have security people and security cameras.
TSA employees don't steal items from luggage because the master keys are public. They steal items from your luggage because they already have the master keys. Actually, the bigger problem is that they frequently don't use the master keys and instead just cut the lock off. There are thousands of complaints that you can find online from people who use TSA locks and find them gone after the luggage is inspected. The TSA employees stealing items from luggage would be more akin to an FBI employee who has backdoor access to one's phone if they have the phone, using that access to steal your credit card information that you might have in a note or spreadsheet.
"Congress and the people of the USA are right when they agree with him."
The "people of the USA" do not agree with him.
Judging by the rest of the message, I dare say that Roake meant that Obama considers that Congress and the people are right when they agree with him. (And they're wrong when they don't.) It's hard to know what "the people" think of this. I do believe that Obama's supporters trust him so much that they'll agree with him no matter what it is.
Huh! No, I support Obama on most of his agenda, but there are quite a few sticking points. In fact the dems have had a long history of infighting on policy. That's one of the main thing that kept them out of power for most of 24 years (1968-1992). The GOP up to recently had a tendency to be of one mind on most issues.
The democrats have a tendency to be a lot more "big tent" than the GOP; there is a lot of dissension.
The GOP up to recently had a tendency to be of one mind on most issues.
One brainwashed mindset. You can't be a card carrying Republican unless you confess your unwavering support for their sacred cows, no abortion, prayer in school, no gun laws, no unions, no healthcare, more military, more war, cut taxes on wealthy and corporations, privatize education and social security, deregulation of the EPA, remove financial regulations and climate change deniers. Trump is philosophically not that different from the rest of the GOP, he just verbalizes it with brutal arrogance whereas the others are at least a little more subtle.
In the US you do at least have a written Constitution. In the UK we
don't, we have what is regarded as an unwritten Constitution which gives Parliament absolute sovereignty.
It's effectively the Divine Right of Kings enshrined in an elected Parliament with
no separation of powers.
The end result gives the government of
the day, acting with a small Parliamentary majority the power to push legislation like
the so-called 'snooper's charter' aka the Investigatory Powers Bill.
Amongst other stuff it contains powers which could compel Apple to do
what they are fighting in the US.
Read this. It will give the UK Government powers that the FBI dream of.
Comments
So according to Issa, Obama should have shaped his message for the audience. No he shouldn't have. When you shape the message for the people in the room, that's called pandering. We hate when politicians do that because it's essentially a lie. Obama told the truth probably knowing that the audience would disagree. That's what he should do.
I suspect that Obama actually believes in encryption but can't risk alienating the entire security apparatus and he also probably doesn't want to make it an issue that the Republican presidential candidates can use - that "Democrats are weak on security and willing to let terrorists communicate freely."
I think the discussion about "balance" needs to be between the benefits and disadvantages of unbreakable encryption. The benefit of unbreakable encryption is that it provides protection for millions of low abiding Americans and allows the internet to thrive. On the negative, it also allows criminals to keep their communication private and in some cases, they could get away with crimes. But on balance, America benefits more from having unbreakable encryption than not. I think America needs to make a decision on this. It should not be left to few individuals like Obama or Comey.
I think Congressman Issa would be great as Chief of the FBI.
If law enforcement could protect the public from identity theft and getting data stolen – personal and public data– then end-to-end encryption would not be necessary. But they can't. So it is.
In other words, we have to protect our highly personal private data ourselves, because the gov't cannot do it for us.
The FBI and DoJ treating Apple like a criminal – by not notifying Tim Cook in advance of filing court orders, then running a massive PR effort on talk shows and in the Press vilifying Apple and besmirching their reputation is, ironically, a perfect example of why the public cannot trust government.
The argument for breaking the public's private encryption is that it makes it too inconvenient for law enforcement?
This argument is akin to law enforcement having to accept the inconvenience of pesky little barriers like Habeas corpus, reading Miranda rights, getting a warrant first, and not having unfettered stop and frisk "without cause"?
The awful truth is, most law enforcement agencies do not prevent crime. They investigate crime AFTER the fact. The FBI's agenda here is essentially to make their investigations easier so they can prosecute criminals. It's always been hard. But just like the concept of 'innocent until proven guilty', the right to privacy and the right to self-defense are inherent 'absolute' rights.
These laws have been inconvenient truths for law enforcement – but somehow they do their jobs anyway, don't they?
I have supported Apple’s stance on this issue from the very beginning, and I continue to support Apple. My support is based on the idea that we should never be comfortable with the government’s routine intrusion into our private lives, and on more pragmatic business-related concerns of setting such a precedent. We have to fight such requests in order to find the right solution.
But now the comments from some folks are beginning to worry me. I’m worried because I’m seeing arguments that are based on the notion that an absolutist position is justified in this situation. Extreme positions bother me because the background influence of our passions, biases, and self-interest means that we humans aren’t as smart as we think we are. So I think it’s a good idea to question this notion that an absolutist position is justified.
Access to encrypted data is unlike most other issues that involve the intersection between our rights as individuals and the government’s desire to be intrusive. With most issues of this type there’s usually an option to change our attitude, reverse our policies, or modify our laws based on experience over time. But no legislation can give us access to information that’s protected by strong encryption and certain password handling procedures. What if that situation occurred in the setting of something that absolutists believe is impossible? What if that situation occurred in a situation that has noting in common with issues like crime or terrorism? What if we’re completely unable to gain access to information regarding an existential threat?
Terrorism is unlikely to be an existential threat in the near future. The loss of several thousand lives is tragic, but it’s obviously not a threat to our very existence as a complex society. So I think that preserving our right to privacy is so fundamental that it may be an acceptable trade-off if thousands of people lose their lives in a terrorist attack, and preventing the attack wasn’t possible because of the inability to gain access to to encrypted data
In contrast, the loss of hundreds of millions of lives and catastrophic infrastructure damage doesn’t seem to be an acceptable outcome to protect the rights of any individual or group.
From a big picture perspective, the terrorism scenario is close to an extreme because it isn’t a convincing reason for the government to trample over our right to privacy. However, it is far more likely than the other extreme scenario of an existential threat (unrelated to criminal or terrorist activity) that causes massive devastation. Most people would consider protection from such a scenario to be a justification for a privacy intrusion by the government, but I’m not suggesting that we will ever have to face such a scenario. My point in setting those 2 extremes is that reasonable people should be able to see that the cut-off point for what is acceptable intrusion by a government may involve threats somewhere on that spectrum, and has to be based on a variety of factors. The challenge is that absolutism about data encryption today limits the option to consider those factors in the future, if being locked out of a data source renders discussion entirely useless.
It’s clear that most of us, myself included, are highly suspicious of the motivations of our government. But is the human activity of government inherently abusive or evil? The well-documented examples of wide-spread corruption and the abuse of power by units of governments (including our own NSA) or individuals within a government are manifestations of human nature. That’s obviously why we need checks on the power of the government. But let’s not forget that one of the most important roles of a government is to protect us from each other and from threats that no individual or group can resist.
An absolutist position that restricts the government means that we will prevent both governmental abuse of citizens and the ability of the government to protect us from a wide range of threats. So unless we use our brains to restrain our natural tendencies we will probably fail to see the unintended but harmful consequences of insisting on binary options for solving societal problems of this unique type.
Do I take an absolutist position about what I wrote? No I don’t. This is my perspective based on what I know or believe as of right now. I’m willing to alter my opinion in the face of logical arguments and/or supporting data. All I’m saying is that we should take Tim Cook’s lead and make this type of government intrusion very difficult, but not impossible. That means being willing to set aside our impulse to consider our privacy to be so precious that nothing else is worth considering. We should think about all meanings of the words “safety” and “security”.
Governments will always use emotions to get you to do things, but we must use our brains.
TSA employees don't steal items from luggage because the master keys are public. They steal items from your luggage because they already have the master keys. Actually, the bigger problem is that they frequently don't use the master keys and instead just cut the lock off. There are thousands of complaints that you can find online from people who use TSA locks and find them gone after the luggage is inspected. The TSA employees stealing items from luggage would be more akin to an FBI employee who has backdoor access to one's phone if they have the phone, using that access to steal your credit card information that you might have in a note or spreadsheet.
The democrats have a tendency to be a lot more "big tent" than the GOP; there is a lot of dissension.
The end result gives the government of the day, acting with a small Parliamentary majority the power to push legislation like the so-called 'snooper's charter' aka the Investigatory Powers Bill. Amongst other stuff it contains powers which could compel Apple to do what they are fighting in the US.
Read this. It will give the UK Government powers that the FBI dream of.