FBI director says there may be 'solutions' to end-to-end encryption debate
FBI Director Christopher Wray once again hammered home his opposition on end-to-end encryption on Tuesday, suggesting that there are "solutions" for letting law enforcement bypass security measures without exposing consumers.
"It can't be a sustainable end state for there to be an entirely unfettered space that's utterly beyond law enforcement for criminals to hide," Wray said at the RSA Conference in San Francisco, quoted by Gizmodo. "We have to figure out a way to deal with this problem."
Wray mentioned that long-running talks between the U.S. government and tech companies are still ongoing, but was quiet on details.
"I'm hearing increasingly that there are solutions," he said.
He may be building on the views of people like U.S. Deputy Attorney General Rod Rosenstein, who in 2017 promoted the idea of "responsible encryption," using examples like centralized security keys -- such as the ones Apple uses to comply with warrants for iCloud data -- and sanctioned key recovery methods when someone forgets the password to an encrypted computer.
Those systems are potentially vulnerable to hacking or phishing, however. End-to-end encryption is the most secure form of online communication available, as its design allows only senders and recipients to decipher transmitted contents. Even platform holders like Apple and Facebook are unable to read messages unless they're archived somewhere less secure. As a result, government officials like Wray, Rosenstein and executive assistant FBI director Amy Hess have regularly complained about communications "going dark" to law enforcement and spy agencies.
Apple typically complies with police warrants and National Security Agency requests, but in 2016 famously fought the FBI and Justice Department over demands for a backdoor into the iPhone of San Bernardino shooter Syed Rizwan Farook. The company argued that it couldn't be compelled to write new code, and that doing so would fundamentally weaken the security of iOS. The DOJ's case ultimately fizzled when it turned to a third-party service that successfully cracked Farook's iPhone 5c.
Partly because of the Farook incident, critics have been skeptical of the "going dark" threat, suggesting that there are often alternatives to intercepting services like iMessage and WhatsApp. Apple and like-minded parties have contended that encryption is essential not just for general privacy, but keeping people safe from hackers and mass surveillance, particularly in countries where leaders may imprison or murder dissenters.
In February, Apple and a collection of trade groups, NGOs, and other tech companies submitted comments opposing an Australian law passed in December which demands businesses help the government access encrypted messages. The view is that the law is too vague, and could be used to demand weakened encryption not just in Australia but eventually in any country within the "Five Eyes" network -- Australia, Canada, New Zealand, the UK and the U.S. Those countries regularly collaborate on intelligence matters, and the network recently claimed that "privacy is not an absolute," with the further assertion that it would aim to access encrypted data through legislation.
The U.K.'s GCHQ intelligence agency even recently proposed adding government agents as silent participants in group chats, something opponents have said could be even worse than weakened encryption, since it could be very quickly turned to mass surveillance or exploitation by hackers.
"It can't be a sustainable end state for there to be an entirely unfettered space that's utterly beyond law enforcement for criminals to hide," Wray said at the RSA Conference in San Francisco, quoted by Gizmodo. "We have to figure out a way to deal with this problem."
Wray mentioned that long-running talks between the U.S. government and tech companies are still ongoing, but was quiet on details.
"I'm hearing increasingly that there are solutions," he said.
He may be building on the views of people like U.S. Deputy Attorney General Rod Rosenstein, who in 2017 promoted the idea of "responsible encryption," using examples like centralized security keys -- such as the ones Apple uses to comply with warrants for iCloud data -- and sanctioned key recovery methods when someone forgets the password to an encrypted computer.
Those systems are potentially vulnerable to hacking or phishing, however. End-to-end encryption is the most secure form of online communication available, as its design allows only senders and recipients to decipher transmitted contents. Even platform holders like Apple and Facebook are unable to read messages unless they're archived somewhere less secure. As a result, government officials like Wray, Rosenstein and executive assistant FBI director Amy Hess have regularly complained about communications "going dark" to law enforcement and spy agencies.
Apple typically complies with police warrants and National Security Agency requests, but in 2016 famously fought the FBI and Justice Department over demands for a backdoor into the iPhone of San Bernardino shooter Syed Rizwan Farook. The company argued that it couldn't be compelled to write new code, and that doing so would fundamentally weaken the security of iOS. The DOJ's case ultimately fizzled when it turned to a third-party service that successfully cracked Farook's iPhone 5c.
Partly because of the Farook incident, critics have been skeptical of the "going dark" threat, suggesting that there are often alternatives to intercepting services like iMessage and WhatsApp. Apple and like-minded parties have contended that encryption is essential not just for general privacy, but keeping people safe from hackers and mass surveillance, particularly in countries where leaders may imprison or murder dissenters.
In February, Apple and a collection of trade groups, NGOs, and other tech companies submitted comments opposing an Australian law passed in December which demands businesses help the government access encrypted messages. The view is that the law is too vague, and could be used to demand weakened encryption not just in Australia but eventually in any country within the "Five Eyes" network -- Australia, Canada, New Zealand, the UK and the U.S. Those countries regularly collaborate on intelligence matters, and the network recently claimed that "privacy is not an absolute," with the further assertion that it would aim to access encrypted data through legislation.
The U.K.'s GCHQ intelligence agency even recently proposed adding government agents as silent participants in group chats, something opponents have said could be even worse than weakened encryption, since it could be very quickly turned to mass surveillance or exploitation by hackers.
Comments
Freedom is inherently dangerous, and only the ignorant sheeple of this country actually believe that we can legislate evil away.
“I prefer dangerous freedom over peaceful slavery.” - Thomas Jefferson
There are lots of ways for criminals to have secure communication between themselves that the police will NEVER be able to intercept. This is just another bullshit ploy to get access to our data.
Yes, there may be abuses, but shouldn't we be voting in intelligent people that appoint and oversee intelligent people, Judges, FBI Directors, etc? With proper oversight, of course.
Criminals don’t even need to come up with their own version of electronic communications. They can simply meet in person to discuss things. Not only can’t they be intercepted, but there’s no record of what they said. Just the memory of the individuals involved.
Next those smart cameras and appliances will be cracked and it "won't" compromise our data. We'll have to commit a crime first! hahahaha. It's the Patriot Act all over again.
BWAHAHAHAA! Maybe it's time to switch to android?
FBI director says there may be 'solutions' to end-to-end encryption debate.
Um, end-to-end encryption is the solution.
If i write an encrypted message on a paper that they can't decrypt what would be the backdoor here, torture?
The next step is a chip in our head so they can simply read the password.
Nice!
Thought is not. Communication is an extension of thought. What I tell/think about people is part of my conscious. It is a basic human right. If the government thinks they have the right to know everything about me or other citizens, I rather live in jungle with animal. This is not 1984 or The motherland.
Criminal or terrioist do exists and is bad for everyone. But in order to catch a few but sacrifice everyone else seems idiot. It almost sounds like government should keeps all people’s money so the thieves can steal from you. But very often, it is the government that is the one who steals.