Senate Bill Prohibits Government-Mandated Backdoors - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Senate Bill Prohibits Government-Mandated Backdoors
Oldest First  |  Newest First  |  Threaded View
danielcawrey
50%
50%
danielcawrey,
User Rank: Ninja
12/6/2014 | 1:04:14 AM
Clarity
The problem with Comey's comments are that in the past, there has not been transparency or clarity. And while I can appreciate his efforts to try to bring that to investigative practices, there are still going to be many who feel intrusive practices will still exist no matter what the government publicly says. 
micjustin33
50%
50%
micjustin33,
User Rank: Strategist
12/6/2014 | 2:26:32 AM
Re: Clarity
I see where the senator is trying to help. But it's not like there's a list of back doors the public has that we can close with a bill. How would really know if the back doors were takin care of? This seems like a ploy to get us distracted
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
12/6/2014 | 6:27:31 AM
Re: Clarity
The bill (which is an easy read at about a page and a half) wouldn't really close a lot of backdoors anyway.  All it looks like it would do, as it stands now, is prevent government agencies from mandating backdoors or release of information in the future.  Frequently, however, as Snowden showed us, it's not mandated; it's either coaxed or coerced, or it's just plain stolen.

What's more, the bill could potentially not cover certain industrial control system devices not sold to the general public.

And the whole thing doesn't apply anyway where mandates under the Communications Assistance for Law Enforcement Act are concerned.
jagibbons
50%
50%
jagibbons,
User Rank: Ninja
12/8/2014 | 6:45:06 AM
Re: Clarity
This sounds more like grandstanding about commonly held beliefs and paranoia rather than something that is truly geared toward the common good. It sounds like an important bill for the betterment of all in our society, but it doesn't have much in the way of teeth or requirement. My concern is much higher regarding non-US made equipment where there may be a state sponsoring back doors.
jries921
50%
50%
jries921,
User Rank: Ninja
12/8/2014 | 10:09:26 AM
Re: Clarity
It might be grandstanding, but I think the principle is correct: courts issue search warrants on probable cause, but people are not required to give the police keys to their homes, offices, automobiles, or storage units; nor has anyone seriously suggested such a mandate; and a mandate that all locks be pickable by the police would be laughed out of any legislature in the country.  And Sen. Wyden is correct that special access for the police is highly unlikely to be limited to the police; and it's even more unlikely that the police will never abuse the privilege.  It therefore seems to me that special access be granted *very* reluctantly, if at all.

 
DWilson.IA
50%
50%
DWilson.IA,
User Rank: Apprentice
12/8/2014 | 1:17:19 PM
Re: Clarity
Did you see the the movie, "Wag the dog"? 

 
GAProgrammer
50%
50%
GAProgrammer,
User Rank: Ninja
12/9/2014 | 9:16:06 AM
Re: Clarity
I applaud your excellent analogy to keys, but it falls short in one area - police can, with a warrant, break down a door or cut/pick a lock, thereby granting them access. The "frontdoor" approach (whatever that means) is supposed to give them that access. However, I agree with all the other posters that this is just more grandstanding and empty platitudes as the bill doesn't have any real teeth.
jries921
50%
50%
jries921,
User Rank: Ninja
12/9/2014 | 1:59:38 PM
Re: Clarity
The cops don't need special access to kick your door down, and if they do, then you know that someone (not necessarily a police officer) broke in.  To me, a front door approach means no access not available to private citizens without a warrant based on probable cause (with the usual exceptions); in other words, no special access; especially if surreptitious.  If the police want to tap someone's phone, then they should have procure a warrant, serve it on the provider, and then install, maintain, and operate the equipment themselves (at taxpayer expense) without any further need for cooperation from the provider.  And once the court ordered data have been procured and no more orders are likely to be forthcoming, the equipment should be removed.  And I actually am comfortable with the recipient of a search warrant being required to cooperate fully with the search, even to the extent of providing the keys needed to decrypt sought after data as again, he knows he's being searched and he can change the keys when the cops leave (but I'm not comfortable with luggage locks the TSA knows how to pick; I'd rather not lock my luggage at all, if that's the only other choice).  It also means that it should be *illegal* for custodians of the data and property of others to voluntarily surrender them to government officials without a warrant, unless it would be legal to grant such access to private citizens (and there should be no limits on liability in such cases).  But while special access approaches may sometimes be necessary, they should be rare, and avoided if at all possible; and should only be accessible by court order.

The assumption should be that if the police can do something, others will be able to, legally or not; and that there will always be some police officers and other government officials and agents who will abuse their authority, even if the vast majority of their peers are paragons of virtue.  The purpose of the Fourth Amendment is not to prevent a totalitarian state (such states feel free to ignore legal requirements whenever they find them inconvenient) and it's not to protect "criminals"; rather, the purpose is to prevent abuse of authority; and to protect people from intrusion and/or harassment when there is no logical reason to believe they have broken the law.

 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
12/12/2014 | 9:00:48 PM
Re: Clarity
Indeed, it strikes me as a worthy bill -- that seems bland enough to be able to garner enough support.  But it ultimately doesn't do much -- and that's concerning because that means there's very little real debate on this issue happening on Capitol Hill.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
12/12/2014 | 9:03:55 PM
Re: Clarity
The problem is that giving law enforcement the decryption key/complying with a court order is really just a form of insider attack, as Ed Felten posited a little more than a year ago on his blog; the only difference is motive.  And, of course, if you're vulnerable to this type of insider attack, you're vulnerable to other types.  Thus, taking moves like Apple has to try to make this impossible is good for security overall.


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Commentary
Is Cloud Migration a Path to Carbon Footprint Reduction?
Joao-Pierre S. Ruth, Senior Writer,  10/5/2020
News
IT Spending, Priorities, Projects: What's Ahead in 2021
Jessica Davis, Senior Editor, Enterprise Apps,  10/2/2020
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll