Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Government Privacy

Senate Bill Draft Would Prohibit Unbreakable Encryption (ap.org) 267

Posted by EditorDavid from the I'm-just-a-bill dept.
buck-yar quotes a report from the Associated Press: "A draft version of a Senate bill would effectively prohibit unbreakable encryption and require companies to help the government access data on a computer or mobile device with a warrant."
The two Senators finalizing the bill announced "No individual or company is above the law," saying their goal is to ensure compliance with court orders to help law enforcement or to provide decrypted information. The ACLU's legislative counsel argued the drafted legislation represents a "clear threat to everyone's privacy and security," and the bill is opposed by another member of the Senate committee, Ron Wyden, who says it would require "American companies to build a backdoor... They would be required by federal law per this statute to decide how to weaken their products to make Americans less safe."
This discussion has been archived. No new comments can be posted.

Senate Bill Draft Would Prohibit Unbreakable Encryption More

Senate Bill Draft Would Prohibit Unbreakable Encryption

Comments Filter:

  • Write your senator (Score:5, Insightful)

    by Anonymous Coward on Saturday April 09, 2016 @12:39PM (#51874839)

    This is a good time to drop them a letter AND an email AND a phone call AND a fax while at it. Go on, do what's expected of you but too few of you actually do.

    • Re:Write your senator (Score:5, Insightful)

      by Z00L00K ( 682162 ) on Saturday April 09, 2016 @12:48PM (#51874891) Homepage Journal

      I have no Senator, not even an Opel Senator.

      But if unbreakable encryption is forbidden then only criminals will use it.

      • Re:Write your senator (Score:5, Insightful)

        by WarJolt ( 990309 ) on Saturday April 09, 2016 @01:06PM (#51874989)

        Sounds similar to arguments the NRA has been using for years. Congress is not persuaded by logic. Let's add pieces to this. If all legal encryption is breakable then criminals would use unbreakable encryption, criminals would decrypt all law abiding internet traffic and Congress will be faced with the same reality China faces with the great firewall of China; Some tech just can't be regulated.

        I love it when nerds can emasculate politicians.

    • Re:Write your senator (Score:5, Interesting)

      by FlyHelicopters ( 1540845 ) on Saturday April 09, 2016 @12:51PM (#51874901)

      This is a good time to drop them a letter AND an email AND a phone call AND a fax while at it. Go on, do what's expected of you but too few of you actually do.

      I don't give them money, so they don't care.

      https://youtu.be/Ylomy1Aw9Hk [youtu.be]

      Last Week Tonight with John Oliver: Congressional Fundraising (HBO)

      Well worth 21 min of your time.

      • I love the exposure his show gives to big topics, but having to sit through his repeated attempts to be funny is grating. He desperately needs new writers (assuming the problem isn't Oliver himself).

        • To the contrary, if it gets more people to watch, then I'm happy to tolerate the cheesy jokes. The show is really an educational show, but if that was all it was, how many people would watch? With the jokes it becomes pop culture, and more people watch and learn.

      • This is a good time to drop them a letter AND an email AND a phone call AND a fax while at it. Go on, do what's expected of you but too few of you actually do.

        I don't give them money, so they don't care.

        Well, they won't care AS MUCH. But if enough actual voters contact them about something, so that it appears to be an issue which could affect election, they might care.

        Campaign financing money has a huge influence, as Oliver notes. But short of outright election fraud, representatives still do actually need enough real people (not just rich donors) voting to get elected.

        Last Week Tonight with John Oliver: Congressional Fundraising (HBO)

        Well worth 21 min of your time.

        I don't mean to be too critical, since I've watched this myself and agree with the problem -- but you know what would be a BETTER use o

    • Coming later this week; Other impossible things that are to be criminalized!

      1) Perfect Vacuums

      2) Absolute Zero

      3) Black Holes

      4) Parallel Lines

      5) A wide variety of Perpetual Motion Machines

      We don't want them terrists to be violatin' the laws of Thermodynamics, Information Theory, etc. by using any of these things, um, improperly.

    • Re: (Score:2, Insightful)

      by Tom ( 822 )

      Stop doing that.

      You are creating the false impression in people that talking to politicians has an effect. It doesn't. The few ones that listen come out and talk to us. The ones who hide see us as bothersome, because they understand the political process to be about money, money and also money. From the crazy election system and fundraising to the outright bribery and lobbyism, nothing matters if it doesn't come with a cheque.

      Writing won't fix this problem. The system is broken, so stop pretending the syste

  • Before everyone gets up in arms about this... (Score:5, Interesting)

    by FlyHelicopters ( 1540845 ) on Saturday April 09, 2016 @12:40PM (#51874843)

    Was this bill introduced with the intention of passing it, or was it done for election time?

    Many bills get introduced that have zero chance of passing, rather they do it so the Congresscritters can go back to their home state and say "I'm fighting for you, to stop those evil terrorists from threatening your family, vote for me!"

    • Re: (Score:2)

      by sjames ( 1099 )

      So the call is between being simultaneoiusly draconian dictators and idiots or abusing their office for personal gain?

    • Re:Before everyone gets up in arms about this... (Score:5, Insightful)

      by click2005 ( 921437 ) * on Saturday April 09, 2016 @01:14PM (#51875023)

      No this bill was introduced so when it fails and they introduce a slightly les offensive bill it will pass.

      Its like how people will vote for someone based on them being "not as bad as some previous guy"

  • "No individual or company is above the law" (Score:3)

    by ark1 ( 873448 ) on Saturday April 09, 2016 @12:41PM (#51874853)
    Only government is.

  • Oh yeah? (Score:2, Informative)

    by Anonymous Coward

    GCv5c3FA9xfa7&aigJ

    • Re: (Score:2)

      by tnk1 ( 899206 )

      I don't think they will be fooled by you speaking Klingon.

    • HWLVTYRVYIAWHFYGPVFZCWH
      Also of note: "Go fuck yourself Feinstein!" and "Big Brother is watching you" are two strings of equal length, funny how that works out.

  • Privacy, penumbras, and emanations (Score:3)

    by John Jorsett ( 171560 ) on Saturday April 09, 2016 @12:46PM (#51874877)
    Didn't the Supreme Court discover a general right to privacy in the penumbra from the emanations of the Constitution? Whatever happened to that?

  • Feinstein ain't no Einsten (Score:5, Interesting)

    by Space cowboy ( 13680 ) on Saturday April 09, 2016 @12:50PM (#51874899) Journal

    She's just a paranoid old woman who's so scared about "the terrorists" that she's willing to give up ... what's the line ? Oh yeah, "essential liberty" ... sounds familiar somehow.

    I happen to work on De Anza Blvd, and I was looking out the window when the proverbial was hitting the fan with Apple and the FBI, there was suddenly a cavalcade of blacked-out sedans overriding the lights sequence, with police blowing their horn as someone (my assumption here is that it was the senator, no-one else really gets that level of police co-operation) halted the normal traffic lights sequence so this entire entourage could turn into Infinite Loop.

    So, Diane was going to yell at Tim. I have some reasonable hope that Tim told her to stick it where the sun don't shine, but I think he's more polite (not to mention politically astute) than I, so I'm sure he came up with a gentlemanly way to say it.

    The good news is that she won't be re-elected because she's not going to run any more. She's too old (thank $deity) so we have a chance of getting someone in who isn't a complete fucking moron when it comes to national security. There's no way this state will elect a republican, so we're stuck with her until then. She gets a lot of votes, and I really hope that's just people voting along party lines because if people actually *want* her policies, well... shit, time to leave.

    • Wow - no wonder the USA is messed up. In the UK our ministers get a chauffeured car - and that's it. Disrupting the traffic - especially because it's so bad anyway - is the way to lose elections over here. I remember seeing Obama go past in a 50 car cavalcade. WHY?

      Seems like this has potential as a campaign issue.

  • No encryption is unbreakable, it just takes a rather long time with current knowledge and technology.

    • Re:Deal (Score:5, Informative)

      by qeveren ( 318805 ) on Saturday April 09, 2016 @01:27PM (#51875093)

      A one-time pad is pretty close, in that you can never really tell when you've actually decoded it.

    • Actually one time pads are unbreakable if you do it right, but they're rarely used in practice because they're inconvenient. But there still were some practical cryptographic systems using them.
  • I think this is a sibling to the halting problem" [wikipedia.org]. I think that there have been any number of "almost" unbreakable encryption, but as long as you want your encryption to be un-encryptable there's a problem here.

    Perhaps we should just ban encryption that can be unencrypted.

    • Re: (Score:2)

      by C3ntaur ( 642283 )
      Good point. Any prosecutor or law enforcement official with an axe to grind could point at any random string of characters they found on anyone's device, and say, "Look! Unbreakable encryption!"

  • Breakable for one, breakable for all. (Score:3)

    by headkase ( 533448 ) on Saturday April 09, 2016 @12:56PM (#51874927)

    They don't get the inherent flaw with "breakable" encryption: if the government can break it then so can third-parties. Which may be other governments. Like China looking for industrial secrets. Hell, even right now you know that encrypted channels of every kind are being recorded for the inevitable day quantum computing becomes a reality and they can then be decrypted after the fact.

  • Ban (Score:3)

    by Wowsers ( 1151731 ) on Saturday April 09, 2016 @12:57PM (#51874935) Journal

    Ban unbreakable encryption. Politicians proving once again they are dangerously uneducated. About time you stopped electing people with socially useless law and politics degrees.

  • Good (Score:5, Insightful)

    by Shawn Willden ( 2914343 ) on Saturday April 09, 2016 @01:02PM (#51874951)

    This is good. Not the bill, but this is the correct place for this debate, in the legislature, not the courts. Now we just need to make sure it loses, and for the right reasons.

  • Cameron vs Panama Papers (Score:4, Interesting)

    by flyingfsck ( 986395 ) on Saturday April 09, 2016 @01:04PM (#51874967)
    The Congressmen should speak to PM Cameron of the UK about the need for privacy and encryption. He seems to have gotten a change of heart following the Panama Papers leak. Anyhoo, all encryption is breakable. It may just take a while...
  • One point I never see made is that, yeah, we may trust this government with our lives/security/privacy, but the issue I think the founding fathers saw was that if you "let such cats out of the bag", the horribly evil government that's in place 25 years from now will have total, unretractable control - "we the people" would, then, have no recourse.

    • I think any government demanding something like this is inherently untrustworthy.

      They are arguing that you shouldn't be allowed to express your thoughts by virtue of not being selective with your speech. I mean the Big Brother tropes have played out in a frightening parody, making it illegal to escape the tv screen. No one is above the law.

      Except who does the law really serve? Forbidding people to keep secrets is just kicking in the doors to people's mind. And for what? There is someone even worse who would

  • Second Amendment Issue? (Score:5, Interesting)

    by AF_Cheddar_Head ( 1186601 ) on Saturday April 09, 2016 @01:12PM (#51875017)

    Follow along with me:
    Cryptograghy is subject to ITAR (International Traffic in Arms Regulations)
    This means the Federal Government treats Cryptography as an Armament
    What does the second amendment say: "the right of the people to keep and bear Arms, shall not be infringed"
    Hey NRA time to step up and defend the Second Amendment against the heinous assault. Slippery slope and all. You don't want these guys coming after your guns do you.

    • The problem is the 2nd Amendment doesn't guarantee the right of the people to possess any and all armaments. Try storing nuclear weapons in your basement, for example. I think the 1st Amendment provides much greater protection from laws such as this. Software, and specifically source code, has been classified as protected speech by some courts, so encryption software might receive some protection on those grounds.

    • So... $200 tax stamp required, along with finger prints (another $75) passport photo ($10) and a 3 month to 2 year wait for your request to be processed. For each algorithm you want to use.

      Of course, they could always close the registry to new additions, like they did with machine guns in 1986 and create an artificial limit... "Hey, I have a domain and a SSL certificate. Before the closure you really couldn't sell 'em since they had no real value, but after the closure it is gonna cost you $20k".

  • It's pretty rich when someone who has seen the stuff that the Senate Intelligence Committee gets glimpses of would actually claim that nobody is above the law.

    Of course, this is Feinstein, wicked witch of the west, so of course she would.

  • I'm given to understand that he couldn't be broken. Plainly a threat. Lock him up.

  • They brought this on themselves (Score:5, Insightful)

    by sjames ( 1099 ) on Saturday April 09, 2016 @01:25PM (#51875087) Homepage Journal

    The NSA and FBI brought this on themselves. Before all the spying on everyone, parallel construction, and warrant less use of stingray plus secret courts, nobody was all that much interested in consumer products with unbreakable encryption.

    If they want to blame someone for this, they need to look in a mirror and understand that their operations are just plain creepy and incompatible with a free country. They are starting to smell like the Stasi and a significant portion of the citizens of this country don't care to give them any more of a foothold.

  • Republicans, are you looking for a senator who shares your values? A richer-than-fuck mucky-muck who will fit right in with the corrupt Wall Street crowd? Maybe you need a stooge who will rubber-stamp every authoritarian defense industry and law enforcement wet dream?

    Pick yourself up a Senator Feinstein today! We only have one left, and we sure as fuck don’t want her in California. I know, she’s a “democrat” but that’s really in name only. She shares your values more than Grass

  • With the exception of one time pads(which are mostly too clunky for practical purposes: it's handy that there is a mathematically rigorous way to 'get a rain check' and use the fact that you were able to transmit n bits across a secure channel at some point in the past to secure up to n bits of communication over one or more occasions in the future; but actually having a known-secure channel even once is frequently a luxury you simply never get); they don't make encryption in 'unbreakable', just in 'far too

  • How would our political process function if one party knew what the other party would do next?

  • Who knew that this is what they meant with the most transparent administration ever ;-) Before people get spun up and rant that Romney would have been worse (as if two wrongs make a right) I'm not suggesting that the Republicans would be better. I am suggesting that both the D & R parties do not have the average citizen and especially not the middle class in mind and privacy is just one of the ways that they screw us over.

  • I am really afraid that Feinstein & Burr's bill will become law. If it does the FBI will be able to read all my plans as I won't be allowed to encrypt them. That would be a shame since I have a nice business going here ... maybe I could move to Canada. Perhaps I could give them some campaign contributions to make this go away. This is really bad news, a lot of my friends would also need to stop doing dirty deeds, think of the unemployment that this would cause!

  • The Supreme Court needs to reiterate the right to speak encrypted in the First Amendment, and that "regulating business activity is not regulating speech" is itself unconstitutional sophistry.

  • The full text of the draft bill, and some commentary, is at The Hill: "Senate encryption bill draft mandates 'technical assistance' [thehill.com]".

  • Stupid senators asking for laws by knee jerk. (Score:3)

    by Lumpy ( 12016 ) on Saturday April 09, 2016 @02:16PM (#51875383) Homepage

    Dear Senate, all of you are drooling morons. uncrackable encryption has existed for decades, and will continue to exist after your stupid law. All the law does is makes honest people criminals.

    It's to the point that it's not worth it to be an honest citizen because the criminals have more freedom.

  • Think a step further (Score:5, Interesting)

    by Elfich47 ( 703900 ) on Saturday April 09, 2016 @02:55PM (#51875591)
    Let's take this law to its logical conclusion. No one in power cares about individuals download pgp and encrypting their email. Everyone cares when money gets involved.

    All "trusted" internet commerce where you plug in your credit card number is dependent upon encryption strong enough to prevent credit card and identity theft. If this law were to pass no internet commerce company would be able to use encryption strong enough to prevent people from stealing credit card numbers by skimming traffic. It may take a little bit (hours or days) but someone skimming Amazon or bank traffic will start being to pull out credit card and account numbers and the trust of internet banking will be destroyed for years.

    This is what will prevent strong encryption from going away- the encryption has to be available to all users for it to be useful. People, credit card companies and insurance companies will not tolerate money being stolen whole sale that we have not seen yet. Yes I am aware that people get their card numbers stolen everyday. Removing encryption would guarantee that your card is stolen the first time you use your card on the internet.

  • So in the long run... (Score:3)

    by Ramley ( 1168049 ) on Saturday April 09, 2016 @03:03PM (#51875627)
    American companies can not provide unbreakable encryption? Another country will provide those products and people will want them. Our tech firms get hurt. Brilliant!

    ...Until all countries follow our laws and prohibit the same thing(s).

    Then the only people who have an immense, evil amount of power are governments... beyond what we (in the US) allow today.

    Not to get into the politics of it all, but doesn't limiting the size and scope of our government here in the US make the most sense in the long-run? Handing over power to our government might seem great when the right people are in office, but when the people change (and the power is still there), everyone is screwed. History repeating itself over and over.

  • Everyone here knows what's being proposed is technically infeasible. We would effectively end up with no encryption at all. So what would the corporate response be? What would Apple, Google, Cisco, et al, do if this bill were to pass? They can't possibly comply, not to mention their sales would plummet. Their only option, if they want to survive, is to extend their middle finger, pull out their millions in political funding and tax dollars (whatever relatively paltry taxes they actually pay) and setup shop

    • 'passed' and 'enforced' are not the same thing.

      cant be enforced. just cant be done. how could you detect it or stop it?

      (in fact this post means something entirely different, lol)

      what fun this could be.

  • For the n-th time (Score:3)

    by Opportunist ( 166417 ) on Saturday April 09, 2016 @05:50PM (#51876321)

    Think about it, dear politicians, what this would mean for your economy.

    Let's say I have a company. I have data that is important to me because it contains trade secrets. I'm in research and development, i.e. THE field you want to attract. No/little use of resources, employs lots of people from top eggheads to braindead menial workers and the output is patents that can be multiplied at will with zero cost and sold (not only domestic but also abroad) for insane amounts of money.

    In case you're too stupid to understand that, dear politican: YOU DO WANT THAT BUSINESS in your town, state and country. You do want that. It's the perfect cash cow, the industry that turns literally NOTHING into gold.

    I will steer clear of you if you disallow me to use unbreakable encryption and perfect safety from spying, though. For obvious reasons: There is none, never has been, never will be, a government-only backdoor. Or rather, there will not be an anything-only backdoor. Any backdoor you can use will eventually be available to my competitor.

    Oh, it's safe because only you have the key? Think again. That key is in the hands of some person working for you. And the entities interested in my research are not only corporations but also whole countries with funds that make that guy, or the guys (seriously, whether it's one or a handful, who gives a shit?), blind when I only suggest paying them. And I will pay them. I have no reason to kill them, I turn them into accomplices. And then I have that key. And that means I have that key to all the research happening in your country. Can you imagine just how much I can pay your underpaid public office workers before this becomes unfeasible for me?

    In other words, in simple words so even you politicians get it: Do that and NOBODY in their sane mind will place their R&D data into a place where your insanity rules. R&D is one of the things you can very easily move abroad. It's not like delivering takes lots of money. Relocating the people I need is peanuts compared to the risk of doing business where you invent insane laws like this.

  • ... Diane Feinstein was one of the Senators sponsoring this bill. I hope the pro-privacy groups are taking note of this and will be reminding the voters when she's up for re-election just how much she thinks of her constituents' privacy.

  • What about cross border software? (Score:3)

    by ukoda ( 537183 ) on Saturday April 09, 2016 @06:32PM (#51876457) Homepage
    Will there be a US and export versions of Windows and Mac OS? I guess the situation with Linux is a bit better e.g. Red Had builds a crippled version for the US market and CentOS do the secure version entirely outside the US. Even if Microsoft and Apple are allowed to make export versions, or do it via an end run around the law, to try and keep customers, would people trust them? Yea, I know, my country is one of many that would pass the same law in the interest of "free trade" so it probably doesn't matter.

    Hopefully this proposed law will fail...

  • Because encryption isn't unbreakable.

    It just takes a while.

  • The US Constitution does not give the federal government the power to restrict or even to control technology used to secure communications or "private papers" (my 17th century label for data), does it? The 4th amendment clearly states that the federal government can't even try to collect information without having a warrant that clearly identifies the information to be collected. Since this clearly defined restriction on what the federal government may do comes only in a statement otherwise confirming a c

  • If this bill passes, I'll open a bank that's not online. No Internet connection at all.

    It'd be the only US bank that's safe.

    --PeterM

  • Fine, I use OpenBSD. There is no way the project members would weaken encryption or build in backdoors. Fuck the US Government.
  • It says that any person or company providing encryption software must cooperate with law enforcement to retrieve data on demand. What if I get encryption software from a foreign vendor with no US presence? Isn't this simply killing US encryption vendors? What am I missing here?

  • As Julian Sanchez insightfully tweeted:
    "Burr-Feinstein may be the most insane thing I've ever seen seriously offered as a piece of legislation. It is "do magic" in legalese."

Slashdot Top Deals

Love may laugh at locksmiths, but he has a profound respect for money bags. -- Sidney Paternoster, "The Folly of the Wise"

Close