Bad Guys Won’t Follow Encryption Rules Anyway

[steven36]

 

The US government and law enforcement agencies want to make sure terrorists and criminals can’t hide behind encryption. The solution, apparently, is to try and force vendors to build backdoors through the encryption. The problem with that “solution” is that it exposes all of the innocent, law abiding companies and citizens to potential compromise of sensitive data, but the bad guys will just find ways around the backdoor requirement:

 

Quote

 

The world can be a dangerous place, and nations around the world must be vigilant to identify and prevent attacks from would-be terrorists. In the wake of recent terrorist attacks in Paris and in San Bernardino, Calif., there has been increased debate over the need for intelligence agencies to have some sort of back-door access to enable monitoring of encrypted data and communications. It’s an issue of national security, apparently.

 

How would that work, exactly? Let’s assume that we allow the government to mandate that our Internet providers, websites and Web browsers, email systems, instant messaging tools, and other computer and communication technologies build some sort of encryption back door that allows Big Brother to keep tabs on everything and everyone. Would we then also make a rule demanding that would-be terrorists only use the tools that comply with the encryption back-door requirement?

 

I know that sounds silly, but how else would it work? The problem with making rules and regulations is that they only apply to law-abiding organizations and individuals. Terrorists and criminals—by definition—don’t follow the rules, so making new rules won’t really change anything.

 

The bad guys that are ostensibly the target of an encryption back door can simply choose to use platforms and applications that don’t comply with the encryption back door requirements. The more resourceful terrorists and criminals can just develop their own proprietary tools to encrypt information. Those that lack the capacity to do so would simply find alternative methods to communicate that circumvent the encryption back door. At the very least, the only terrorists or criminals who could be monitored or captured as a result of a known encryption back door would be the dumbest of the dumb, and probably would have blown themselves up anyway.

 

Meanwhile, all of the law-abiding organizations and citizens would now be monitored by intelligence agencies and law enforcement, just in case one of those moron terrorists or criminals happens to slip up and telegraph plans for an attack using methods that comply with the encryption back door mandate. Unless accessing data and communications using the encryption back door will also require probable cause and a properly-issued warrant, it seems to me that implementing such a back door would first require repealing the Fourth Amendment of the United States Constitution.

I don’t believe that our government has a hidden agenda designed to strip away our rights. I believe that the concern over encrypted communications is valid and that those calling for a back door for intelligence agencies and law enforcement have the right intentions. I just don’t think we should change our values or surrender Constitutional rights when the proposed “solution” will only impact law-abiding citizens, and would simply weaken or marginalize the value of encryption itself. 

http://www.rsaconference.com/blogs/encryption-rules-only-apply-to-those-who-follow-them

 

The Source

 

[Holmes]

There is no viable way to build backdoors into encryption without hurting users that are not the target audience.  Like the nsa trying to fight terrorists they have to target everybody we would need some stateful inspection to do some real good that would be very expensive and that requires ai intelligence a robot programmed to identify with perfect accuracy law abiding citizens from terrorists or criminals unless you want humans to do that (that would be exhausting holy sh*t).  The problem with robots doing it we dont want them getting to smart and try to take over skynet the red queen.

[straycat19]

52 minutes ago, Holmes said:

There is no viable way to build backdoors into encryption without hurting users that are not the target audience.  Like the nsa trying to fight terrorists they have to target everybody we would need some stateful inspection to do some real good that would be very expensive and that requires ai intelligence a robot programmed to identify with perfect accuracy law abiding citizens from terrorists or criminals unless you want humans to do that (that would be exhausting holy sh*t).  The problem with robots doing it we dont want them getting to smart and try to take over skynet the red queen.

 

Backdoors in encryption are nothing new and it doesn't hurt anyone because you have to have hands on the equipment in order to use the access tools.  And if law enforcement has hands on your equipment you have bigger problems than them breaking into your encrypted system.  The only people really complaining about this are those who are trying to hide their illegal activities, but you can encrypt you just can't hide.  Some of the full disk encryption tools today have special access built in but it isn't hardcoded per se since the code to get in changes daily and you have to be in a position to have access to that code.  Other encryption, like Bitlocker, can be broken by anybody who does a little research on the internet and knows what to look for.

[davmil]

6 hours ago, straycat19 said:

 

Backdoors in encryption are nothing new and it doesn't hurt anyone because you have to have hands on the equipment in order to use the access tools.  And if law enforcement has hands on your equipment you have bigger problems than them breaking into your encrypted system.  The only people really complaining about this are those who are trying to hide their illegal activities, but you can encrypt you just can't hide.  Some of the full disk encryption tools today have special access built in but it isn't hardcoded per se since the code to get in changes daily and you have to be in a position to have access to that code.  Other encryption, like Bitlocker, can be broken by anybody who does a little research on the internet and knows what to look for.

I hate to agree, but believe you're probably right.

 

[slick1109]

How do they even think they would implement this?  As an example, if it became known that Apple iOS 10.0 included a backdoor then nobody would ever upgrade to it and they would all stay on 9.2.1 or whatever the last Safe version was.  Same thing with Android and any other OS.  They cant force people to upgrade.  If they tried to then there are always ways to block your device from even accessing the upgrade servers in the first place.  No new OS features would entice me to give up my privacy.

[vibranium]

It's one thing to coerce vendors to put in a backdoor. Savvy users can do something about it.

 

It's another thing to outlaw deliberate encryption by private users. And yet some politicians want us to head down that road.

[steven36]

16 hours ago, straycat19 said:

 

Backdoors in encryption are nothing new and it doesn't hurt anyone because you have to have hands on the equipment in order to use the access tools.  And if law enforcement has hands on your equipment you have bigger problems than them breaking into your encrypted system.  The only people really complaining about this are those who are trying to hide their illegal activities, but you can encrypt you just can't hide.  Some of the full disk encryption tools today have special access built in but it isn't hardcoded per se since the code to get in changes daily and you have to be in a position to have access to that code.  Other encryption, like Bitlocker, can be broken by anybody who does a little research on the internet and knows what to look for.

You live in California    right were there  trying  to down right ban it  . f you're  carrier want support  you're make of phone because its illegal then you want have it anymore and they dont have to come to you're home to ban it . they just need to pass a law  .

 

And you're wrong lots of things are encrypted in the cloud  not just on you're machine . You take people who uses whats app or emails  etc that's all online encryption . Only apple is in court for offline encryption . Microsoft  is in court for online  email encryption.

 

They put backdoors  in your emails , IM encryption, etc  and its legal the government will just abuse those backdoors .

 

 

If they put legal  backdoors  in encryption they may as well make it illegal because only bad guys will have it . Its going send the internet back to the point before we had it . If its full of legal backdoors that's not public knowledge  you want know how to get  around it.  It want be no use in having it. 

 

Tim Cook Ceo of Apple and most big companies  that make products are against backdoors  did they do something wrong ? No  , Privacy should be a right  not something we have to break the law to achieve .

 

As far as offline encryption on pcs  you can just use something  made were  its not made by a five eyes country .

Anything  open source  even if they were able to backdoor it  someone not in a five eyes country can make a fork of it and remove the backdoors .

 

 

5 hours ago, vibranium said:

It's one thing to coerce vendors to put in a backdoor. Savvy users can do something about it.

 

It's another thing to outlaw deliberate encryption by private users. And yet some politicians want us to head down that road.

That's the point in the end there going to win ether way i hate to say,  ether they agree to let them put back doors in there products or the government is going to put a full ban on it.

 

That's why i would not own a phone other than a burner , Ive never trusted cell phones ..and i use email  only for legit needs and its based not in my country ...nether is my vpn  . I dont use gmail , yahoo or Microsoft email  and I dont go on facebook .

[Holmes]

I know backdoors in encryption are not new and depending on the type of equipment if the equipment is connected to a website and or a employee goes rogue there goes the isolation (the best way for encryption not to get hacked is putting it on a intranet).  I dont have the law enforcement on my ass I dont think I do I agree if I did a encrypted system is useless or is it remember a person got into trouble and the law enforcement couldnt get through the encryption and the court was trying to order the person to hand over the encryption keys I dont remember if they ever did.  I dont do any illegal activities I dont have to hide I do want to encrypt my sh*t (Im not worried about law enforcement or the government I dont have to be).  I agree the full disk encryption tools some have that special access like my road runner modem there is special access into that to its not full disk encryption or encryption at all I know.  Thats what we need with encryption polymorphic code like what a polymorphic virus does makes it much harder to get to that code unless like I said there is a website linked or a employee goes rogue and gets in and copies the code and paste it on pastebin.  I wouldnt use bitlocker I dont know how much I can trust it.  I agree with most of what you said stray as for steven I agree if the government is denied the permission to put backdoors in encryption there just going to ban it.  I use gmail and yahoo I dont use microsoft mail I refuse to do that and I have a facebook account and a myspace Im about to delete my myspace.

[vibranium]

19 hours ago, steven36 said:

That's why i would not own a phone other than a burner , Ive never trusted cell phones ..and i use email  only for legit needs and its based not in my country ...nether is my vpn  . I dont use gmail , yahoo or Microsoft email  and I dont go on facebook .

 

I have more or less come to the same conclusion.

[Sylence]

They got to look at it in another way, why would terrorists want to attack them, stop being a lucrative target, be like Sweden 

[steven36]

6 hours ago, saeed_dc said:

They got to look at it in another way, why would terrorists want to attack them, stop being a lucrative target, be like Sweden 

You could say this  about any other country  in the world almost though ..Because Sweden  has a been neutral since 1812. Since the time of the Napoleonic Wars. That dont make them Exempt if some dictator  was to try take over anyways .   terrorists attack all countries  almost be  there in the EU , Russia or China  and even the middle east  so whats you're point?  The whole reason Russia is in Syria is because they were being targeted by terrorists in there homeland.

 

You think if the USA and others  became like Sweden then terrorism would go away? What a joke,  it would just get worse . In order for the world to stop fighting terrorists they would have to  stop being terrorists . If you not noticed  its really a world war that's not officially declared,  were governments  are fighting within and outside of there own countries .

[Sylence]

18 minutes ago, steven36 said:

You could say this  about any other country  in the world almost though ..Because Sweden  has a been neutral since 1812. Since the time of the Napoleonic Wars. That dont make them Exempt if some dictator  was to try take over anyways .   terrorists attack all countries  almost be  there in the EU , Russia or China  and even the middle east  so whats you're point?

 

It's not a good assumption that terrorists attack all countries, they don't do random there's always some background and reasons

[steven36]

8 minutes ago, saeed_dc said:

 

It's not a good assumption that terrorists attack all countries, they don't do random there's always some background and reasons

I dont care if they have a reason are not  . There's no excuse for it  . If they chose to be that way then they  have to deal with it when all these places come at them. Talking about it want make it go away ether . Banning  encryption in the USA  is not all about terrorism no ways .  They also want to ban it to slow down human and drug  trafficking .

[Sylence]

8 minutes ago, steven36 said:

I dont care if they have a reason are not  . There's no excuse for it  . If they chose to be that way then they  have to deal with it when all these places come at them. Talking about it want make it go away ether . Banning  encryption in the USA  is not all about terrorism no ways .  They also want to ban it to slow down human and drug  trafficking .

 

So it's all about trust, whether you trust an organization with your life and sensitive personal data. then also need to decide whether you're ready to kiss your privacy goodbye or not. like you got any other choices.. :/

[steven36]

7 minutes ago, saeed_dc said:

 

So it's all about trust, whether you trust an organization with your life and sensitive personal data. then also need to decide whether you're ready to kiss your privacy goodbye or not. like you got any other choice.. :/

What you're  talking about is cell phones and the internet  . I never have trusted  any organization even though really i have nothing to hide  . I remember  back before we had all this encryption on the WWW  things were different then but no one busted down you're  door for being on the internet

 

If things got that bad were it were no fun no more.. id just watch TV  or something and not bother coming on. Once it  gets to be not  cool , its time to move on.

[Sylence]

12 minutes ago, steven36 said:

What you're  talking about is cell phones and the internet  . I never have trusted  any organization even though really i have nothing to hide  . I remember  back before we had all this encryption on the WWW  things were different then but no one busted down you're  door for being on the internet

 

If things got that bad were it were no fun no more.. id just watch TV  or something and not bother coming on. Once it  gets to be not  cool , its time to move on.

 

Yes including them but i'm more talking about encryption algorithms and programs, take Veracrypt software or Bcrypt algorithm as examples. the second one is knows to be the most secure one because of the slow brute force decryption. what happens when you find out NSA has already put a back door in it?

I read something about encryption policies of Kaspersky's enterprise products that was very interesting! but I can't find it now on their website

 

Lol by that time there won't be any traditional TVs just IP-TVs or satellites and they won't let you go offline any way. 

[steven36]

20 minutes ago, saeed_dc said:

 

Yes including them but i'm more talking about encryption algorithms and programs, take Veracrypt software or Bcrypt algorithm as examples. the second one is knows to be the most secure one because of the slow brute force decryption.

I read something about encryption policies of Kaspersky's enterprise products that was very interesting! but I can't find it now on their website

 

Lol by that time there won't be any traditional TVs just IP-TVs or satellites and they won't let you go offline any way. 

No such thing happening  though you can still unplug smart tvs from the net and not use the smart part of it  . Satellites  only  time it needs plugged in to call out is to order  something extra Satellites for TVs are just a incoming signal . . Still 60% of the world dont have internet at all .

 

If they turn internet into something that's not fun how do expect to get all those people that dont have it yet.. to want it?

 

I have friends and family  were i live that still never had it .

[Sylence]

18 minutes ago, steven36 said:

No such thing happening  though you can still unplug smart tvs from the net and not use the smart part of it  . Satellites  only  time it needs plugged in to call out is to order  something extra . Still 60% of the world dont have internet at all . Satellites for TVs are just a incoming signal .

 

those 60% aren't as important as the other 40% who use Internet..just think it through  

 

btw abuse of encryption doesn't need an internet connection, at least Stuxnet didn't

 

most satellite receivers specially the Linux-based ones are able to utilize both incoming and outgoing signals using the same LNB.

 

[steven36]

17 minutes ago, saeed_dc said:

 

those 60% aren't as important as the other 40% who use Internet..just think it through  

 

btw encryption doesn't need an internet connection, at least Stuxnet didn't

 

most satellite receivers specially the Linux-based ones are able to utilize both incoming and outgoing signals using the same LNB.

 

People are people everyone puts there pants on the same way everyday   .. Some old people  , some poor people and there are some who dont believe in modern technology at all some who are very important . Were im from there still some who dont believe in lights  or cars even they still ride in a horse and buggy .

 

If you want satellite internet that's extra money  from the dish providers and its a ripoff  . Only people who buy satellite internet would be people who live in rural areas were there's no DSL yet . You only get like 200mb bandwidth a day .DSL ,Fiber, Mobile  or cable is much cheaper .  

[Sylence]

4 minutes ago, steven36 said:

People are people everyone puts there pants on the same way everyday   .. Some old people  , some poor people and there are some who dont believe in modern technology at all some who are very important . Were im from there still some who dont believe in lights  or cars even they still ride in a horse and buggy .

 

I know I know..i mean they're not that important for intelligence agencies because they literary don't have an online profile. we got people who ride on horses too on mountains etc. but never knew that you actually can choose not to believe in lights...when they see a light they deny it ?!!!

[steven36]

1 minute ago, saeed_dc said:

 

I know I know..i mean they're not that important for intelligence agencies because they literary don't have an online profile. we got people who ride on horses too on mountains etc. but never knew that you actually can choose not to believe in lights...when they see a light they deny it ?!!!

Yes you chose to live as you want in some countries  its not thy dont believe it exist  at all . Its they dont believe  in using it and if  you're  part them and you chose to live in the modern  world you will be banished and you're family  and friends  will never have anything to do with you its called freedom of religion.

[Sylence]

1 minute ago, steven36 said:

Yes you chose to live as you want in some countries  its not thy dont believe it exist  at all . Its they dont believe  in using it and if  you're  part them and you chose to live in the modern  world you will be banished and you're family  and friends  will never have anything to do with you its called freedom of religion.

 

speaking of religion I never heard or read any of them lead people to stupidity or blindness...it's not even about religion though! anyway, freedom doesn't imply people will choose the right thing and ignore the wrongs

[steven36]

1 minute ago, saeed_dc said:

 

speaking of religion I never heard or read any of them lead people to stupidity or blindness...it's not even about religion though! anyway, freedom doesn't imply people will choose the right thing and ignore the wrongs

Whats wrong if certain people chose to be different ?  Its not only about freedom of religion , Its about freedom of choice to live as you want as long abide by the laws of the land. I dont live in you're land so im not subject to you're laws but i'm free to have the same beliefs as you but i dont because im not a religious person .  Im glad i live were i do  were i have the freedom to believe as i want .

[Sylence]

1 minute ago, steven36 said:

Whats wrong if certain people chose to be different ?  Its not only about freedom of religion , Its about freedom of choice to live as you want as long abide by the laws of the land. I dont live in you're land so im not subject to you're laws but i'm free to have the same beliefs as you but i dont because im not a religious person .  Im glad i live were i do  were i have the freedom to believe as i want .

 

It's not wrong at all if people choose to be different, nobody likes a boring society. you don't know whether i'm a religious person or not so better not make any self assumptions. unfortunately you don't have the slightest idea how people live in this land where I am. seriously, how could you? when most of the news you read about this land is faked  

[steven36]

13 minutes ago, saeed_dc said:

 

It's not wrong at all if people choose to be different, nobody likes a boring society. you don't know whether i'm a religious person or not so better not make any self assumptions. unfortunately you don't have the slightest idea how people live in this land where I am. seriously, how could you? when most of the news you read about this land is faked  

Only thing i know is what i read  but i dont pay much mind to it  , After all i lived without the  internet long after i became a adult . that's were i see the internet as a bad thing too much fake news and people making opinions about places they never been that dont really have a  clue... That's why we have rules here at this site that we need to focus  on how were alike not different.