Paris Attacks Would Not Have Happened Without Crypto (arstechnica.com) 521
An anonymous reader writes with a story at Ars Technica, citing a Yahoo News interview, that National Security Agency Director Michael Rogers has explicitly blamed the terrorist attacks which struck Paris last November on communications backed by strong crypto. From the article:
Because of encrypted communications, he said, "we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened."
Rogers did not explicitly re-launch the campaign waged by FBI director James Comey to force technology companies to provide a "golden key" to encrypted communications. Rogers called encryption "foundational to our future" and added that arguing over encryption backdoors was "a waste of time." But he did say that encryption was making the job of the NSA and law enforcement more difficult.
The interview comes shortly after the FBI won an order requiring Apple to provide technical means to bypass the security measures preventing them from unlocking the iPhone 5C belonging to Syed Rizwan Farook. Farook, along with his wife, are responsible for the December mass shooting in San Bernardino, California."
Not this old info again (Score:5, Insightful)
They keep trying, however the true fact remains no encryption was used by these terrorists.
Re: Not this old info again (Score:5, Funny)
They used the incidious ROT-26 encryption. How are police expected to bypass that?!!!
Re: (Score:2)
ROT13 was good enough for Caesar, so it should be good enough for terrorists.
Re: (Score:3)
Re: Not this old info again (Score:5, Funny)
Comment removed (Score:5, Funny)
Re: Not this old info again (Score:5, Funny)
Caesar's assassins used the ET-2 scheme.
Re: Not this old info again (Score:5, Funny)
Re:Not this old info again (Score:5, Insightful)
They keep trying, however the true fact remains no encryption was used by these terrorists.
Nor would it have helped prevent 9/11. Encryption is nothing. Intelligence and cooperation are everything.
Re: Not this old info again (Score:5, Insightful)
Re: (Score:3)
Encryption is math. How are we going to prevent terrorists from using math? I'm sure the ability for the terrorists to use math also degrades the abilities of intelligence agencies too. Forcing Apple and Google to sell phones without the wrong math on them doesn't stop terrorists from using the right math.
Sure, if we could effectively ban terrorists from using math, that would be great, but we can't. Making it harder for regular citizens to easily use math doesn't really stop the terrorists from using i
Re: (Score:3)
Re:Not this old info again (Score:5, Insightful)
Hey NSA, &other FED LEOs - don't destroy the infrastructure of the world economy with your abject incompetence. You can't even effectively make use of the encrypted data you already collect.
Re: (Score:3)
Re:Not this old info again (Score:5, Informative)
Actually, their lies go far deeper than that. The terrorist group involved have a glossy color magazine called Dabiq [clarionproject.org]. Apparently that magazine carried an interview with the leader of the Brussels / Paris cell where he announced that he was planning to hit Paris. Several months before the attacks. I wonder if any of the secret services read the thing, it is in English.
Re:Not this old info again (Score:5, Interesting)
That's what you have to deal with with open publications. Yeah western inellignece can read Dabiq. But ISIS also knows that they can read it. Thus it becomes a perfect platform for feeding western intelligence agencies disinformation. Anything that's openly published that way has to be taken with a huge grain of salt unless it's corroborated by other intelligence. The reason why intelligence agencies are so desperate to break crypto is because if you're encrypting something, you're presumably doing so because it contains information you don't want foreign intelligence agencies to read. Thus it is precisely the type of stuff intelligence agencies want to be able to read.
That's not to say we should roll over and let NSA put backdoors in everything. If they get that, then ISIS knows and can start poisoning their encrypted communications with disinformation, while pulling their real communication behind a higher level of encryption. No, in order for what the NSA wants to work, they would have to insert backdoors but also keep those backdoors secret from the public. My best guess is the western intelligence agencies are raising the spectre of backdoors in encryption software they know they can't break, in the hopes it scares groups like ISIS into using different encryption tools. Perhaps ones they can already break. Or maybe ISIS will try to write their own encryption software, which is notoriously difficult and can easily result in flaws which can be exploited by intelligence agencies to help them crack it.
Re: (Score:3)
It's probably easier to just compromise the endpoints. Strong crypto is already out there. It's open, it's documented, and it's in the wild. There is no way that the American government can put that toothpaste back in the tube, short of declaring anyone with strong crypto a criminal (very unlikely). GPG can already do the trick for secure communications - but the built-in device stuff is a low-hanging fruit that is easy to chase after-the-fact. The easier and most likely route of attack is compromising
Re:Not this old info again (Score:4, Informative)
It appears that your first link is regarding a different Mike Rogers - Representative Mike Rogers from Michigan, whereas the gentleman in the article linked in the story is Vice Admiral Mike Rogers, NSA Director.
Its confusing that there are 2 prominent political representatives named Mike Rogers as well as the director of the NSA, and that at lest 2 of the 3 are talking about crypto issues, but to keep the lines clear and make proper arguments, particularly about the veracity of someone's statements, its best to be clear on the facts.
Re:Not this old info again (Score:4, Funny)
Just to add to the confusion, there's another one from Alabama.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Someone needs to put a stop to all this shit.
Re:Not this old info again (Score:5, Funny)
They should be signing their comments and press releases with a PGP key to avoid confusion.
Re:Not this old info again (Score:5, Insightful)
That's beside the point anyway. It doesn't fucking matter. If they had used encryption, would we start falling over ourselves to give the government back doors? No. The discussion shouldn't be about whether or not they used encryption. Part of me thinks that they keep repeating this shit over and over so that when we do get an attack in which the attackers use encryption (yeah, I'm intentionally avoiding all forms of the word "terror"), that will already be the frame of the discussion and we'll have to backpedal to get back to the "it doesn't fucking matter" that we should have been stressing in the first place.
Re:Not this old info again (Score:5, Insightful)
Re: (Score:3)
Wow, are you ever a douche.
Here's a scenario for you:
The government is successful in getting backdoors implemented into most, if not all, encryption standards. Now, as we know, a backdoor for one is a backdoor for the entire world, once the information about how it works is leaked or figured out by third-party researchers. So, that means the terrorists you are so deathly, quaking-in-your-boots afraid of will also be able to use those backdoors to break encryption.
So, they figure it out, and start monitori
Re: (Score:3)
It will happen (Score:5, Insightful)
It will happen someday, though.
A terrorist will buy a set of Star Trek steak knives over eBay and they'll use HTTPS to transmit their eBay password. A future terrorist will lock the door of their house (why are these people even allowed to have locks, anyway?) and his wife will plaintext email him, "Did you lock the house? Remember, we're going to that party right after work tonight," and he'll say "quit telling all the snoops on the Internet which days our house has no one home," and they'll start encrypting their personal conversations. And that'll be that: they'll be encryption users too, just like the rest of us.
Some day, a terrorist is going to use a motor vehicle to travel from their home to the site of their terror.
Some day, a terrorist will use an alarm clock, instead of the sun, to get up at the correct time.
We need to face the facts: technology is bad. Anything that empowers humanity, can be used by humanity in the service of bad things. Power is bad. Capability is bad. Failing to starve when the gods wants you to starve is bad, and being immune to smallpox is bad and is why the gods have to invent new ones, like AIDS. It's time to end this nonsense of technology, and go back up into the trees. Because the apes in the trees never do anything bad to one another.
The reason I know that apes never try to harm one another, is because I carefully cultivate shocking ignorance about anthro-- er I mean -- zoology -- no, wait -- I mean biology since plants also do ev-- no wait: game theory. Well, I mean, statistics. I try to remain ignorance of mathematics and everything which stands upon or can be modelled by mathematics.
And you can too. Join me in giving a fuck about whether or not bad people use the same technology as good people.
Re: (Score:3)
The reason I know that apes never try to harm one another, is because I carefully cultivate shocking ignorance about anthro--
I know you're joking, but for those that didn't get it, apes (well, chimpanzees) are known to go to war [wikipedia.org].
Wait... (Score:5, Insightful)
I thought the reason the French police were able to find the attacker's apartments, accomplices, and so on very quickly was because the attackers used regular unencrypted methods of communication, such as SMS?
Re:Wait... (Score:4, Funny)
You succumbed to that propaganda, too, eh?
Oops, I mean the truth.
Wrong Propaganda (Score:3)
Re:Wait... (Score:5, Insightful)
Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.
Re:Wait... (Score:5, Insightful)
Yes, and indeed the referenced article says that we had two months of warning and did a drone strike to take out the command and control operation (or, more likely, some goat herders). And that wasn't enough to prevent the attack. If there's a lesson here, it's that this is an asymmetrical problem, and fixing it is going to require addressing underlying causes, not throwing cash and civil liberties on the bonfire in a futile attempt to even things up.
But it's so much easier to throw cash, guns and draconian prison sentences at a problem than tackling the root cause? I mean, just take one look at how successful the war on drugs has been!!!
Re: (Score:2, Informative)
the war on drugs seems to be working...it is doing a pretty good job of keeping Pseudoephedrine out of the hands of some very sick individuals...
there is something wrong when it takes a dna sample and being added to 3 watch lists to buy good cold medicine.
Re: (Score:3)
The alternative is buying pills that don't work. http://science.slashdot.org/st... [slashdot.org]
Who wants to do that?
Re: (Score:3)
IIIRC there is a web site that will walk you through the process of turning tweak into Pseudoephedrine. Tweak is cheap and easy to get, so problem solved.
Re: (Score:3)
Of course they didn't use encryption, that would have been a huge red flag. Dark skinned guy crossing borders and using encryption, what could be more suspicious?
That's the basic problem with the current "collect it all and let the machines find the intel" method. It's not only easy to avoid detection, it's actually easier for the terrorists. No mucking about with crypto software and key distribution, just disappear into a sea of auto-correct mistakes and unfathomable codewords only understood by 14 year ol
What could go wrong ... (Score:5, Informative)
Dark skinned guy crossing borders and using encryption, what could be more suspicious?
What could be more suspicious ?
Adi Shamir [wikipedia.org] trying to attend the Cryptology conference [techdirt.com] he did start him-self in the 80s ?
According to the US that's even worse.
Bollocks (Score:5, Insightful)
Mohammed Atta et al weren't using encrypted communications, just AOL and flip phones. Yet the TLA's totally screwed the pooch on 9/11.
A .125 batter can't keep blaming the bat forever.
Re: (Score:3)
Mohammed Atta et al weren't using encrypted communications, just AOL and flip phones. Yet the TLA's totally screwed the pooch on 9/11.
A .125 batter can't keep blaming the bat forever.
Not in industry, no. But in government? Hell, .125 is a pretty damned good average for government work.
After all, what are you going to do, shop at a different government?
Re: (Score:3)
It amazes me that most American still believe their government's official story of 9/11. Elsewhere in the world, people generally accepted the US government blew up their own buildings.
I don't know where your view of "elsewhere in the world" is from, but it does not seem to match mine. Do you have any citations of these general beliefs?
Is this like the belief that humans have not visited the moon? An "incorrect" belief that could widely held, or are you implying that the US gov did in fact blow up the buildings and it is those who think otherwise who are wrong?
Re:Bollocks (Score:5, Interesting)
What you believe isn't necessarily what is "generally believed" anywhere in the world, USA or otherwise. I have been on 3 different continents since 9/11 and talked to literally thousands of people and not one person (who used logic in any other part of their lives) has indicated they have any belief that the US government was behind those attacks. The only people I've ever seen indicate that are "anti-establishment" types who are either seriously strung out on drugs (or were at one point) or are proponents of anarchy. I've never met a single person who presented reasonable evidence (not hearsay) to support the claim that the US government did it. The talk of jet fuel burning temperature and melting point of steel and all that other nonsense is demonstrably proven false every single time. Every single bit of "evidence" to show the government did this. Now, tell me they knew something was going to happen and failed to act and I'd believe that in a heartbeat.
Re:Bollocks (Score:5, Insightful)
It amazes me that most American still believe their government's official story of 9/11. Elsewhere in the world, people generally accepted the US government blew up their own buildings.
Yeah, it's not like we saw terrorists fly planes into buildings on almost-live TV or anything. And it's not like we saw the government drop a collective load when it happened, generally looking like idiots for not being able to sniff out the plot or stop them despite plenty of warning signs. It's not like we heard first-hand from very brave eyewitnesses that tried to commandeer a fourth plane that was likely destined to hit the white house or capitol building. And it's not like any terrorists organizations claimed credit for the attack.
I think the most damning bit of counter-evidence is the fact that it would require some crazy level of competence and cunning to successfully pull off the most audacious false flag operation in the history of humankind. That doesn't remotely begin to describe the federal government I know.
I mean, hell, they can't even hack into a locked iPhone.
Re: (Score:3)
A further note here. Remember that video of the guy who asked Neil Armstrong about the "fake moon landings" and got decked for his idiocy? Remember that one plane hit the pentagon, and also caused casualties. I worked with former military guys on 9/11 who lost friends there. I don't recommend telling any of them that the military helped in faking 9/11 - you'll be limping away. It's so against military culture to do anything like this - against their buddies, or against the American people.
The governmen
Re:Bollocks (Score:5, Insightful)
Yeah, and just how many other buildings have had a fully loaded airliner full of fuel go crashing into them as the start of that fire?
What's that? None?
Sorry, but the giant holes caused by the crashing planes and the sustained fire from a full load of fuel is pretty different from any other building fire ever.
Watching an airplane fly into the building and then cause the fire is very different from anything else ... I was watching live, and I aint no engineer, but I turned to someone and said "this building is going to collapse any time now" ... the mechanical damage and fire left an awful lot of structure with an ever-decreasing amount of support.
So, tell me, in the entire history of modern skyscrapers ... exactly how many have had airliners crash into them?
Re: (Score:3)
Crypto? (Score:3, Insightful)
The Paris attacks wouldn't have happened without crypto? That's a funny way to spell "Islam."
Re: (Score:2, Insightful)
The Paris attacks wouldn't have happened without crypto? That's a funny way to spell "Religious Extremism."
TFTFY
Re:Crypto? (Score:5, Insightful)
Re:Crypto? (Score:5, Informative)
Re: (Score:3)
How about David Koresh
I'm sorry, it was the FBI that kill the women and children. Blame the government for over reacting.
Re: (Score:3, Insightful)
That's true, and guess who stopped them? Let's see the rest of the Muslim world actively target their own extremists. Currently I see little, ok, no meaningful action and even tacit or open support under the guise of the "enemy of my enemy is my friend" line of thinking. Perhaps this impression is why so many equate Islam with the extremist terrorists?
Religion itself is a problem, in any guise. All religions have had their followers commit atrocities. Even buddhists who claim to revere life and peace as t
Re:Crypto? (Score:5, Funny)
I beg to differ: http://www.theonion.com/articl... [theonion.com]
Re: (Score:3)
Almost all the religiously motivated shootings on your list, and the one we're talking about specifically here were because of Islam. Hmmmm, why do you resort to these non-sequiturs?
Re: (Score:3)
Almost all the religiously motivated shootings on your list, and the one we're talking about specifically here were because of Islam. Hmmmm, why do you resort to these non-sequiturs?
If your point was not trying to say "Islam is what causes people to go on mass shootings" (which is what the counter examples were attempint to refute), but in stead was trying to say "The shooters in this particular incident were Muslims", then your point is sort of pointless. The shooters in this particular incident were also male, and predomonelty right handed.
It is certaily true that there are too many crazy ass people who use Islam to justify abhorent behaviour. There are also too many crazy ass people
Re:Crypto? (Score:5, Insightful)
This is the classic marxist failure to understand human nature. Marx reduced all struggle to class struggle. Race doesn't matter! Only class. Sex doesn't matter! Only class. Religion just fools people into failing to realize their class consciousness!
No. All of these things matter to people. "Economic marginalization" does not explain Islamic terror, since lots and lots of Islamic terrorists are not marginalized. Bin Laden was rich. The San Bernardino shooter had a comfy government job. Brits, Canadians, Americans and Australian middle class muslims all signed up for ISIS. Many of the Paris attackers were second generation immigrants.
The truth is very simple: religion matters to people, and Islamic terrorists kill because they believe Allah wants them to kill. At its creation 1400 years ago Islam declared war on the world and it absolutely will not stop until it is defeated or victorious. It is just that simple and just that horrifying. Pretending you can buy them off with jobs and benefits is wishful thinking. Suicidally dangerous wishful thinking.
Re:Crypto? (Score:5, Insightful)
The Paris attacks wouldn't have happened wihtout fanatism, extremist religions, guns, cars, street, stupidity, breathing, reproduction, the big bang and maybe good wine.
[Citation Needed] (Score:5, Informative)
Bullshit. The Paris attackers did not [theintercept.com] use [techdirt.com] encrypted communications [schneier.com].
Was this an intelligence failure? Possibly. Was it an intelligence failure due to a lack of backdoors and/or laws against cryptography? Absolutely not.
Re: (Score:3)
Was it an intelligence failure due to a lack of backdoors and/or laws against cryptography? Absolutely not.
Of course he is lying (BTW, that is the job description for spies). The spy agencies want to ban strong crypto because they like "reading everyone's mail" (and looking at everyone's naked pictures as has become apparent in numerous revelations) so they will say anything, make up anything to advance that agenda.
With the advent of digital communications as the life-blood of modern society we must as a society accept that strong, no-backdoor cryptography is a necessity to protect everyone and society itself. I
I blame the Automotive Industry (Score:5, Funny)
Re: (Score:2)
Ooh, that's a fantastic idea!
Re: (Score:2)
because how else could the attackers have been in so many places at once. Magic? Jet Packs?!?!? Why it's the Car's that they drove to those locations that enabled them to murderate all those people. If we would just get rid of all cars in Paris this would never happen again.
You're right. Better add ubiquitous car tracking to the list as well.
Get rid of everything that can be used for evil! (Score:3)
Even if that were true (and I'd argue it isn't), the attacks also wouldn't have happened without long distance communications. So lets just get rid of them as well in the name of security, up to and including postal mail.
What? You say that long distance communications have an intrinsic utility that vastly dwarfs their occasional role in illegal behavior? You don't say.
Da bullshit (Score:3)
Maybe if you had, you know, invested in more HUMINT the Paris attacks wouldn't have happened.
Hello Pinocchio (Score:5, Informative)
Comment removed (Score:5, Interesting)
Re:important to distinguish (Score:4, Informative)
Haven't we already debunked this? (Score:2)
This same argument was debunked right after the attacks. Repeating it again and again doesn't make it true. Here's a link to a post that lays out several of the totally incorrect conclusions that they've been pushing: http://www.washingtonsblog.com... [washingtonsblog.com]
(It also includes debunking some points unrelated to encryption and mass surveillance that can be ignored in respect to this specific article.)
Re:Haven't we already debunked this? (Score:5, Insightful)
Repeating it again and again doesn't make it true.
Unfortunately, this is not accurate.
Close (Score:2)
Repeating it again and again doesn't make it true, but it does make it "true". Which is close enough for government work.
Re:Haven't we already debunked this? (Score:4, Informative)
Repeating it again and again doesn't make it true, it only makes it truthy. Which, alas, seems to be good enough for a lot of people.
Re: (Score:2)
Repeating it again and again doesn't make it true.
It appears that Rogers is a graduate of the Goebbels [wikipedia.org] school of public relations.
This is a bold headline (Score:3)
Slashdot is usually more skeptical than this, especially considering this was already very thoroughly debunked. Are the new editors trying to make a political statement? I don't like where this is going.
Re: (Score:2)
It needs quotes, at the very least.
Re:This is a bold headline (Score:5, Insightful)
Re: (Score:2)
At least it drives more traffic to the comments when every single person disagrees (and wants to make sure the rest of the choir knows).
Crypto ate my baby! (Score:2)
The hyperbole is strong with this one.
Let's use crypto as the scape goat for all of today's ills, truth be damned.
Classic FUD campaign... does anyone get taken by this anymore?
Re: (Score:2)
Unfortunately lots of folks get taken in when *an official* says something that implies risk and a simple answer.
PROPAGANDA PIECE (Score:2)
They're going to combine this "finding" with Apple refusing to hack an iPhone to justify passing legislation against crypto.
They're setting up criminal wind-up-toy patsies to make it sound justified so the rest of us get behind it.
My hopes of a less globalist propaganda pushing Slashdot are gone.
I've seen evidence of shadow-banning - or at least "shadow hiding" on this site too.
Headline (Score:5, Insightful)
Paris Attacks Would Not Have Happened Without Crypto
That should really have been put in quotes to make it clear that this is what some guy is saying, and not anything remotely approaching a fact.
And even if technically true, the implications behind the making of the statement should probably be taken with a pinch of salt.
Banning crypto is an old and flawed idea. (Score:4, Interesting)
Crooks and terrorists won't care about a ban, and the "law abiding" people will be left entirely vulnerable to those crooks and criminals.
I doubt anyone can tell if any given post is using a strong or weakened cipher, at least not without some deep analysis of the data, effectively ruling out internet traffic, meaning their only "effective" ban would be to ban anything not sent in clear text.
I'm no psychic, but I can easily see how well that'll play out.
We Can't Ever Fix This (Score:4, Insightful)
The one-time pad is 1000 times simpler than public-key encryption and trivial to put in an app.
Re: (Score:3)
Lots of evidence. I could show it to you, but then I'd have to kill you.
Re: (Score:3)
If you just XORed two English texts together, there would be statistical methods of attack. In general, we use random bits from an unpredictable source. Noise from a diode is based on quantum mechanical phenomena.
If you have to use an English text, there are simple algorithms to hash the input in order to defeat statistical methods.
It's Zinc (Score:2)
They couldn't have fired those bullets without Zinc. Clearly the only answer is to gather up all of the Zinc and transmute it into a safer element.
Even if it were true so what? (Score:2)
Wow, I'm impressed (Score:2)
I couldn't see his nose grow at all.
Re: (Score:2)
What about the pig fuckers monthly article (Score:2)
If they say so (Score:3)
We must take their word
It is a very well known fact that spies always tell the truth
And as a useful reminder to General Douchebag (Score:2)
The terrorists who attacked used GSM telephones and unencrypted SMS [arstechnica.com].
May I be the first one ot call bullsh*t on that evil crypto shtick? Me an the rest of /. of course...
the red herring (Score:2)
Let's dispel the paranoid illusions of an overzealous cop and come to reality.
And... ? (Score:3)
The Paris attacks also wouldn't have happened with access to military grade firearms and explosives. Those are already quite restricted in most sane countries and it didn't seem to prevent anything.
So stop telling people you want to crack down on encryption to defeat the terrorists. We both know that's bullshit and wouldn't work even if you could manage it.
Re: (Score:2)
But, since when is it ever not a time of insecurity or crime? You are arguing that there never be privacy.
Re:And this is why Republicans... (Score:5, Funny)
Wait, you mean those speeches at the debates were *encrypted*? Well, that makes sense now; what they were saying made no logical sense in English.
Re: (Score:3)
Re: (Score:3)
Trump and Cruz have both said Apple should help the FBI.
I remember back in the mid 90s the Republicans were for smaller govt. Now they just want to double down on Authoritarianism/Statism. They want a huge govt, just don't want to pay the taxes it.
About the only Republicans that support encryption are the libertarian wing of the Republicans.
Re: And this is why Republicans... (Score:4, Insightful)
They don't need to "hide" anything. You're failing to acknowledge the scale of the problem. You simply can't watch everyone. Trying to do so is a fool's errand.
Ultimately the only thing you will do is compromise everyone else's security.
The idea that they could have stopped it if only they could have spied on more people is a moronic, innumerate, fantasy.
Re: (Score:3)
You simply can't watch everyone.
They don't care about effectively watching everyone. They want to have the option to dip in to any information about anyone they like, when they like. It's about power. People having secrets diminishes government power. They don't want people to have secrets that they don't at least have the option to learn about if the whim takes them.
Re: (Score:3)
Re: And this is why Republicans... (Score:5, Insightful)
Re: (Score:2)
A better analogy would be the president explaining that water is on fire and fire is cold, since this is a blatant lie. The Paris attackers never used crypto.