Tech and Privacy Experts Erupt Over Leaked Encryption Bill
April 8, 2016 6:45 PM

A draft of a highly anticipated Senate encryption bill was leaked to The Hill late on Thursday night, sparking a swift backlash from technology and privacy groups even before the legislation has been introduced.

The Burr-Feinstein bill would require companies to respond to court orders for data by providing decrypted information or giving the government "such technical assistance as is necessary to obtain such information or data in an intelligible format." The bill covers virtually every company involved with providing secure internet services, from device manufacturers and the makers of encrypted chat apps to "any person who provides a product or method to facilitate a communication or the processing or storage of data." The bill does not lay out the penalties for refusing to comply with such court orders, as Apple recently did when it rejected the FBI's request to help unlock an iPhone belonging to one of the San Bernardino shooters. An Apple lawyer declined to comment on the bill during a conference call with reporters on Friday.
posted by Bella Donna (107 comments total) 30 users marked this as a favorite
 
Once again, gross over-reaction is the only response Congress has in its bag.
posted by Thorzdad at 6:54 PM on April 8, 2016 [30 favorites]


"No person or entity is above the law," the bill text passively-aggressively states.

I have a fantasy that the Supreme Court majority opinion ruling this bill unconstitutional begins with this precise phrase.
posted by RobotVoodooPower at 7:06 PM on April 8, 2016 [42 favorites]


How is a senator from California the co-author of this bill? This is like a senator from Michigan authoring a bill banning all cars from federal highways.
posted by indubitable at 7:07 PM on April 8, 2016 [21 favorites]


How is Feinstein still the Senator from California? She has the record of a Joe Manchin in the 2nd or 3rd most liberal state in the country. To put aside the fact that she seems to not even understand what encryption even is, as the ranking minority member of the Senate Intelligence Committee.
posted by T.D. Strange at 7:12 PM on April 8, 2016 [35 favorites]


Correct me if I'm wrong, but I don't see this as forcing companies to design in a back door. It sounds like it will require them to help break through their own encryption if requested by a court, but they do not necessarily have that capability.
posted by cman at 7:14 PM on April 8, 2016 [2 favorites]


I'm not sure whether a better comparison here is that the government is trying to legislate that pi is a rational number or that, only when the Good Guys really need it, 1+1 equals 3.
posted by DoctorFedora at 7:18 PM on April 8, 2016 [7 favorites]


"all providers of communications services and products (including software) should protect the privacy of United States persons through implementation of appropriate data security and still respect the rule of law and comply with all legal requirements and court orders"

Is that a mandate for a "backdoor"? Arguably yes. But it certainly is if a court orders it.
posted by T.D. Strange at 7:18 PM on April 8, 2016 [1 favorite]


I have a fantasy that the Supreme Court majority opinion ruling this bill unconstitutional begins with this precise phrase.

Doesn't someone have to show they've been harmed by this law before a challenge can be mounted? And even then, doesn't it generally take years to get to SCOTUS?

The damage would be incalculable. And I can't see any of Obama or the Republican clown car or Clinton vetoing this. Sanders, I guess? Seems a pretty chancy roll of the dice, there.
posted by feckless fecal fear mongering at 7:23 PM on April 8, 2016 [5 favorites]


Correct me if I'm wrong, but I don't see this as forcing companies to design in a back door. It sounds like it will require them to help break through their own encryption if requested by a court, but they do not necessarily have that capability.

If you're able to intentionally break your own encryption, you've either intentionally developed a de facto back door or you suck at your job.

I'm wondering what country's magic decoder ring our spooks, aid workers, military, government officials and contractors will use overseas to protect their data once we've fucked up all of our U.S.-made devices' security. Swatchphone, anyone?
posted by RobotVoodooPower at 7:26 PM on April 8, 2016 [17 favorites]


Feinstein has been a huge disappointment. That is the nicest thing that I have to say about her.
posted by futz at 7:34 PM on April 8, 2016 [17 favorites]



Correct me if I'm wrong, but I don't see this as forcing companies to design in a back door. It sounds like it will require them to help break through their own encryption if requested by a court, but they do not necessarily have that capability.


The bill's not even introduced yet. You can be sure that the wording will be revised to make it clear that producing a product you can't break is a no-no, as that has been Feinstein's express intent for this entire millennium.

Thank you, Feinstein. You just gave Vladimir Putin the ability to turn off the American power grid.
posted by ocschwar at 7:41 PM on April 8, 2016 [17 favorites]


no no ocschwar, the language clearly states that it also has to be secure. see? problem solved.
posted by indubitable at 7:42 PM on April 8, 2016 [29 favorites]


It looks like it orders assistance when that's possible. (It was in Apple's case.)

But it doesn't order you not to build unbreakable encryption. We need software that doesn't have a key sitting at the home office of the developer.

I think what we really learned over the last four months is that we need to code for politics. It was always the case that Apple was vulnerable to a legislative hack; they can code around that if they choose, though. And they should, and so should everyone else.
posted by anotherpanacea at 7:44 PM on April 8, 2016 [5 favorites]


idiots.
posted by valkane at 7:45 PM on April 8, 2016 [6 favorites]


California awed the country when we elected TWO women senators in 1992*. So Feinstein and Barbara Boxer were tied for the honor of "first woman elected Senator from California". Just another case of "it's a woman, she'll be great."

*Feinstein's election was to finish the term Pete Wilson gave up when he was elected Governor, the job he really wanted... it's complicated, but it's California.
posted by oneswellfoop at 7:57 PM on April 8, 2016 [8 favorites]


But it doesn't order you not to build unbreakable encryption

I didn't see any relevant text in the bill that states that unbreakable encryption is an option. It says either you have to give up whatever info is requested, or provide assistance to help deliver the info. There is not a provision for "can't technically comply", and anyway have fun explaining that to a judge and paying for legal representation and risking contempt of court and all that.

And have you ever seen more fucking jingoistic language in a Congressional bill? Fuck.
posted by RobotVoodooPower at 8:00 PM on April 8, 2016 [3 favorites]


Not to make this all about Apple, but they are perhaps the largest player that would be affected by this legislation, should it pass. Here's what I don't get.

As members of the upper class, the people who are writing this bill would have a large part of their fortunes either directly or indirectly invested in AAPL stock. To intentionally design legislation which, if successful, would give the rest of the world direct evidence of the lack of security in American-designed software, with direct consequences to the stock price of said American software companies, including the aforementioned AAPL, seems ... oh, what's the word I'm looking for ...
posted by Mrs. Davros at 8:10 PM on April 8, 2016 [3 favorites]


Technically, saying "Sure, how much money you got" and then setting up a corresponding number of machines to brute force a key would still count as "providing assistance to help deliver the info" right?
posted by juv3nal at 8:22 PM on April 8, 2016 [11 favorites]


Not necessarily AAPL stock, Mrs. Davros, but they're legislating that their electronic funds transfers would be hackable. Panama Papers would be a dust mote by comparison.
posted by oheso at 8:24 PM on April 8, 2016 [2 favorites]


Thank ghod all our intelligence agencies are full of such noble people that they would never sell us out for access to the world's most valuable magic key.
posted by benzenedream at 8:24 PM on April 8, 2016 [1 favorite]


How is a senator from California the co-author of this bill?

Military-industrial interests?
posted by clew at 8:24 PM on April 8, 2016 [2 favorites]


That which is not explicitly prohibited is implicitly encouraged.

I think the idea is primarily to get around using the All Writs Act in cases like Apple's (or Lavabit's?) That was probably always too broad, and we do need to set some standard about how this should work that's not 227 years old.

But Apple's resistance was only partly about All Writs: they also don't want to be in the business of hacking themselves. That's where I think they are mistaken: their principles don't mean much if the government can just wait for the next zero-day. Instead, there should be two levels of encryption: encryption you must break when the government (any government!) asks you to and encryption you can't break.

Any system that allows the developer to break it so long as lawyers put the right things on pieces of paper should be understood to be intrinsically unsecured.
posted by anotherpanacea at 8:30 PM on April 8, 2016 [5 favorites]


From benzenedream's link, this is what the CIA thinks of its own personnel at its secret communications facility:

US mole hunters investigated 90 employees at WTC for almost a year and came up with ten suspects, although the lead investigator noted that "there are so many problem personalities that no one stands out".

But we can trust them with our stuff, surely.
posted by oheso at 8:33 PM on April 8, 2016 [7 favorites]


How is a senator from California the co-author of this bill? This is like a senator from Michigan authoring a bill banning all cars from federal highways.

It's because she's a hypocrite who has yet to see a military-industrial complex she doesn't like.
posted by MikeKD at 8:35 PM on April 8, 2016 [9 favorites]


Technically, saying "Sure, how much money you got" and then setting up a corresponding number of machines to brute force a key would still count as "providing assistance to help deliver the info" right?

The smart money will be on companies that make huge matrices of blinking LEDs to show that progress is being made.
posted by RobotVoodooPower at 8:36 PM on April 8, 2016 [21 favorites]


But, isn't it just math? I'm not a techie, but my layman's understanding is encryption just relies on complex math to build a problem that takes an unreasonably long time for the computer to figure out. And you can't legislate against doing math. So I'm not sure what this solves. If you're doing something illegal and using encryption to hide it, you're going to keep using the same existing encryption schemes without these backdoors. Maybe this means you need to add a step somewhere if you buy the phone in the US, but it doesn't sound like it would do anything to anyone who knows anything about what they're doing. As long as people know how to do it they will.
posted by downtohisturtles at 8:38 PM on April 8, 2016 [3 favorites]


It looks like it orders assistance when that's possible.

It seems ambiguous until you get to the very end and it defines such assistance as "rendering [the data] in an intelligible format". Not telling the court whether or not it's possible to do so, not giving them what we would ordinarily think of as technical assistance in understanding how the encryption scheme works or whatever. Successfully breaking your own encryption is the only way to comply with the law as written. It's badly written, but it's clear that is the idea.

I wonder what happens when the requirement to also "isolate the data" on demand can only be satisfied by breaking into your customer's house to steal all their "devices".
posted by sfenders at 8:46 PM on April 8, 2016 [3 favorites]


And you can't legislate against doing math.

Sure you can. See patent law.
posted by sfenders at 8:49 PM on April 8, 2016 [8 favorites]


Maybe this means you need to add a step somewhere if you buy the phone in the US, but it doesn't sound like it would do anything to anyone who knows anything about what they're doing. As long as people know how to do it they will.

People can encrypt now, and they don't. Even people engaged in criminal enterprises don't, or don't do it that thoroughly. This kind of law is pitched as a way to stop the super-scary James Bond villains that they want us to think they're going to use it against. Those hypothetical criminals would find other ways to encrypt. But most of the people this law will actually be used against are everyday criminal suspects who won't give the police the password to their iPhone.
posted by skewed at 8:49 PM on April 8, 2016 [6 favorites]


downtohisturtles, you obviously don't have what it takes to be a US senator. The willful ignorance and innate inability to grasp basic logical concepts, that is.
posted by oheso at 8:50 PM on April 8, 2016 [4 favorites]


Successfully breaking your own encryption is the only way to comply with the law as written.

Sure, but with a naive brute force approach and today's computers, who knows how long that's going to take. Longer than the heat-death of the universe, hopefully. "We're getting there, your honor. We've made quantifiable progress towards establishing what the encryption key is. If the gentleman from the FBI knows a faster way to go about it, we'd sure love to hear it. Otherwise we're rendering assistance as quickly as budgetary constraints and our know-how will allow."
posted by juv3nal at 8:56 PM on April 8, 2016 [12 favorites]


Recovering all the data made unintelligible by your features, products, and services might be particularly difficult if one of your products is Macro Assembler.
posted by sfenders at 9:19 PM on April 8, 2016 [2 favorites]


You know what this makes me think of more than anything? It's like a congressman wanting to make toilets illegal because he heard once that you could flush drugs down them and there would be no evidence.
posted by valkane at 9:20 PM on April 8, 2016 [44 favorites]


War is peace.
Freedom is slavery.
Ignorance is strength.
posted by Beholder at 9:23 PM on April 8, 2016 [3 favorites]


"California awed the country when we elected TWO woman senators in 1992*. So Feinstein and Barbara Boxer were tied for the honor of "first woman elected Senator from California". Just another case of "it's a woman, she'll be great.""

Feinstein is a great example of how things are slowly getting better for equality in politics. Not because she's a great senator, but because she's an awful senator.
posted by el io at 9:31 PM on April 8, 2016 [15 favorites]


Large prime numbers for sale! Large prime numbers! Illegal prime numbers, here! Get your prime numbers! Freshly seeded from the finest of Gaussian noise! Prime numbers! Generate your own prime numbers! Pick a kitten, any kitten and place it in the box lined with a keyboard and the finest catnip! Large prime numbers, here, guaranteed until the heat death of the universe!
posted by loquacious at 9:49 PM on April 8, 2016 [17 favorites]


It's like a congressman wanting to make toilets illegal because he heard once that you could flush drugs down them and there would be no evidence.

That's ridiculous. No Congressperson would propose such an argument.

But the Supreme Court did, in 1996.
posted by RobotVoodooPower at 9:49 PM on April 8, 2016 [9 favorites]


no no ocschwar, the language clearly states that it also has to be secure. see? problem solved.

Stakeholders producing impossible, logically contradictory requirements? That never happens... Sigh.

FWIW, of all the contenders, Sanders probably would be the likeliest to veto, but I'm not even sure. More and more, it seems like even our brightest political leaders aren't much good at anything other than the horse race itself.
posted by saulgoodman at 9:52 PM on April 8, 2016 [2 favorites]


Mod note: One comment deleted. Please don't pick a fight about Sanders vs Clinton stuff, and especially about whose supporters are bad, in here.
posted by LobsterMitten (staff) at 10:01 PM on April 8, 2016 [4 favorites]


Dear Intelligence Services and/or Pawns:

Please imagine Edward Snowden with the key to this magic backdoor.

Sincerely,
Fuck you, you already know where I live
posted by benzenedream at 10:18 PM on April 8, 2016 [26 favorites]


But Apple's resistance was only partly about All Writs: they also don't want to be in the business of hacking themselves.

It's that, and I think it's mostly that AAPL wants to be in the business of frictionless and secure financial transactions. This cuts at the latter, and probably the former, as a consequence.
posted by notyou at 10:24 PM on April 8, 2016 [2 favorites]


Successfully breaking your own encryption is the only way to comply with the law as written.

There's another way. Almost all of these apps have some provision for pushing updates to the users. Certainly ones hosted in app stores do. Every company that provides encryption has access to a backdoor: they can push an evil update that compromises the encryption and snaffles up any stored plaintext it can find, and transmit it back to the mothership. Doesn't work against locked or offline devices though.

There's no straightforward defense against this. You could maybe split your app's signing key and keep different pieces in different jurisdictions, so Whatsapp America can't push an update without Whatsapp Lithuania (or whatever) going over it with a fine-toothed comb to find any court-mandated backdoors. WhatsApp America could probably collude with the app store to bypass this though.
posted by BungaDunga at 11:51 PM on April 8, 2016 [3 favorites]
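
BungaDunga's split-jurisdiction idea, worked through as an added example (this is not code from the thread, from WhatsApp, or from any app store): two independent release offices each sign a build with their own Ed25519 key, and the client-side install gate refuses any update that lacks a valid signature from every required office. Go standard library only; the office names, the signing-input layout and the sample payload are constructed for the example. As the comment itself notes, this is no defence if the store or the update channel is compelled to bypass the gate, and it only makes a compelled update require two offices rather than one.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Office is one release signer, e.g. the US entity and the non-US entity
// of the same company, each holding its own Ed25519 key. Names are
// assumptions for the example.
type Office struct {
	Name string
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewOffice(name string) (*Office, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Office{Name: name, pub: pub, priv: priv}, nil
}

// RequiredKeys is the client's pinned policy: the offices whose signatures
// every install must carry.
func RequiredKeys(offices ...*Office) map[string]ed25519.PublicKey {
	m := make(map[string]ed25519.PublicKey, len(offices))
	for _, o := range offices {
		m[o.Name] = o.pub
	}
	return m
}

// Release is an update as shipped to the store: the build plus one
// detached signature per office that reviewed it.
type Release struct {
	Version string
	Payload []byte
	Sigs    map[string][]byte
}

// signingInput binds version and payload together (with a label and a
// separator) so a signature over one build cannot be moved onto another
// build that reuses the version string, or vice versa.
func signingInput(r *Release) []byte {
	h := sha256.New()
	h.Write([]byte("release-v1\x00"))
	h.Write([]byte(r.Version))
	h.Write([]byte{0})
	h.Write(r.Payload)
	return h.Sum(nil)
}

// Sign is what an office does after its own review of the build.
func (o *Office) Sign(r *Release) {
	if r.Sigs == nil {
		r.Sigs = map[string][]byte{}
	}
	r.Sigs[o.Name] = ed25519.Sign(o.priv, signingInput(r))
}

// Verify is the install gate: every required office must have a valid
// signature over exactly this version and payload. One office, however
// compelled, cannot produce an installable update alone.
func Verify(r *Release, required map[string]ed25519.PublicKey) bool {
	msg := signingInput(r)
	for name, pub := range required {
		sig, ok := r.Sigs[name]
		if !ok || !ed25519.Verify(pub, msg, sig) {
			return false
		}
	}
	return len(required) > 0
}

func main() {
	us, _ := NewOffice("us")
	lt, _ := NewOffice("lt")
	required := RequiredKeys(us, lt)

	rel := &Release{Version: "2.3.1", Payload: []byte("constructed app bundle")}
	us.Sign(rel)
	fmt.Println("only one office signed:   ", Verify(rel, required)) // false
	lt.Sign(rel)
	fmt.Println("both offices signed:      ", Verify(rel, required)) // true

	rel.Payload = append(rel.Payload, []byte(" + court-mandated patch")...)
	fmt.Println("payload changed afterward:", Verify(rel, required)) // false
}
```

The policy lives in RequiredKeys on the client, not in the release, which is the whole point: a release that simply lists fewer signers is rejected, because the client decides who must sign.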


When I read the draft last night, my first thought was that you could reasonably argue that it applies even to such mundane uses of crypto as password hashes, the fundamental building block used for virtually every username/password authentication system not implemented by utter morons. After all, a hashed password is data (the password) that has been intentionally rendered unintelligible by the service provider, so they'd be obligated to somehow provide "technical assistance" and recover the original password.

My second thought was that this could make some tech companies very rich indeed. Paragraph 3 says that companies providing technical assistance shall be compensated for their costs. All you have to do is use secure crypto, wait for the FBI to come calling, then start launching EC2 instances up the wahzoo to try to brute-force the key. Nevermind that it will be a futile effort; think how big the bill will get in the meantime.

For what minimal value it is worth, I did send Sen. Feinstein's office a note expressing my shame at having her as my Senator right now.
posted by zachlipton at 12:01 AM on April 9, 2016 [4 favorites]


Oh no! RBG!

From the link in RobotVoodooPower's comment above:
Justice Ruth Bader Ginsburg fretted about the danger of the loss of evidence in searches for “marijuana in places with indoor plumbing."
posted by bardophile at 12:23 AM on April 9, 2016 [1 favorite]


> Swatchphone, anyone?

I used to work for a company that provided encryption stuff. I have no idea whether the encryption was any good, but being the only non-American outfit on the list was a major selling point
posted by doiheartwentyone at 2:09 AM on April 9, 2016 [3 favorites]


So, the more I think about this, the more it looks like an honest effort at writing legislation that will respond to real holes in existing law.

So what I'd like to see is the alternative legislation, from the critics. Where's the EFF's model legislation on this? Where's Schneier's white paper laying out the ideal institutional arrangements?

Unless you're a libertarian, you agree that there should be a government and they should occasionally issue warrants to search things. It's not the Wild West. How should they do that? What should governments be able to ask of companies that produce encryption? Nothing? Reasonable assistance? Extraordinary and secret assistance? Should we just have our own government spooks hack into those companies and steal what they want? Should we just buy hacking services from the professionals who sell exploits to the highest bidder?

Lavabit and the San Bernardino phone thing both strike me as over-reaches. But they're very likely to continue unless the US does something to channel its law enforcement's unquenchable thirst for evidence and intel. We ran honey pot servers to catch the Silk Road folks. Why was that okay but it's somehow wrong to launch man-in-the-middle attacks on Lavabit?

I think we're still in the "we know it when we see it" era of objection to government over reach in technology. It's time to start spelling out the alternative in a way that can guide both legislators and companies.
posted by anotherpanacea at 4:57 AM on April 9, 2016 [5 favorites]


Almost all of these apps have some provision for pushing updates to the users.

So does my web browser. It's hard to imagine what would happen if doing business in America came to mean being known for pushing untrustworthy software updates. Best case, it might resemble China. But if they try to enforce this against every foreign software company doing business in America, of which there would quickly be many more as the industry evacuates, the totalitarians in China could look mildly unambitious by comparison.
posted by sfenders at 5:07 AM on April 9, 2016 [4 favorites]


Why was that okay but it's somehow wrong to launch man-in-the-middle attacks on Lavabit?

If all they had done was attack Lavabit legitimately like that, exploiting a flaw they're not responsible for putting there, nobody would be complaining. Well, fewer people would be complaining.
posted by sfenders at 5:11 AM on April 9, 2016


Anotherpanacea, the reason there's no alternative legislation is that there's no reasonable way to balance government interests and secure encryption. Secure encryption is secure from everyone, period. There is no compromise that can be made.

At best (as I see it) a proposal might include requiring an additional per-device key that the government can use to access a device, stored in a government database somewhere. This would require the database to be unhackable, which yeah, not terribly likely. Which is partially why it failed when it was already attempted as the Clipper chip.
posted by Nutri-Matic Drinks Synthesizer at 5:22 AM on April 9, 2016 [11 favorites]


Why am I not surprised Feinstein is involved in this hot mess? Oh, right, because she is a crummy excuse for a liberal.
posted by entropicamericana at 5:26 AM on April 9, 2016 [3 favorites]


If the company can break the encryption, anybody can break the encryption. Encryption which is feasibly breakable is a worthless product.
posted by Pope Guilty at 5:53 AM on April 9, 2016 [9 favorites]


"We want you to weaken your encryption while leaving it entirely secure."

You can't really go anywhere from here, except perhaps

"And make sure nobody can install software we don't like on your general purpose computing devices."

I just don't have the energy to go looking for a third unicorn, but I'm sure it's in there. So, so sure.
posted by Devonian at 6:08 AM on April 9, 2016 [8 favorites]


If the company can break the encryption, anybody can break the encryption. Encryption which is feasibly breakable is a worthless product.

Uhhhh... What now? If I was the government and wanted to have key escrow I'd do it as follows:

1) Fabricate a device with a secure element similar to Apple's. It has two functions, decrypt a key given with the private key and spit out the public key. Nobody knows the private key, not even the government just like the user and Apple neither know nor care about the iPhone's private key.

2) Air gap the device in a secure storage area.

3) Hand the public key to Apple.

4) Apple instructs the secure element to entangle the UID key with the government's public key.

5) Government can hook a phone up to the device and get the UID key back.

Since the government doesn't even know their device's private key it can't get leaked. It's no less secure than what Apple probably have currently for the Apple CA master private key.
posted by Talez at 6:13 AM on April 9, 2016
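
Talez's five-step escrow sketch, worked through as an added example (not code from the thread, from Apple, or from any government scheme): the device holds only the escrow public key and wraps its UID key using a per-device ephemeral X25519 exchange and AES-256-GCM, and the air-gapped box, holding the private key, unwraps it. Go standard library only; the blob layout, the labelled SHA-256 in place of HKDF, and all key material are the example's own assumptions. Running it also shows the other side of the argument in this thread: the blob is useless without the box's private key, and whoever copies that one key, to stand up a second box or otherwise, unwraps every blob ever produced.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// EscrowBlob is what a device would keep next to its encrypted storage: the
// ephemeral public key for this one wrap, the GCM nonce, and the wrapped UID.
type EscrowBlob struct {
	EphemeralPub []byte
	Nonce        []byte
	WrappedUID   []byte
}

// NewEscrowKey makes the escrow box's X25519 key pair (step 1).
func NewEscrowKey() (*ecdh.PrivateKey, error) {
	return ecdh.X25519().GenerateKey(rand.Reader)
}

// wrapCipher turns the X25519 shared secret into a one-time AES-256-GCM
// instance. HKDF is the textbook KDF; a labelled SHA-256 over the secret and
// both public keys is used here to stay within the standard library.
func wrapCipher(shared, ephPub, escrowPub []byte) (cipher.AEAD, error) {
	h := sha256.New()
	h.Write([]byte("uid-escrow-wrap-v1"))
	h.Write(shared)
	h.Write(ephPub)
	h.Write(escrowPub)
	block, err := aes.NewCipher(h.Sum(nil))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EscrowUID is the device side (step 4). It holds only the escrow public
// key, so it cannot unwrap what it produces; a fresh ephemeral key pair per
// device means every blob has its own wrap key.
func EscrowUID(escrowPub *ecdh.PublicKey, uid []byte) (*EscrowBlob, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(escrowPub)
	if err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	gcm, err := wrapCipher(shared, ephPub, escrowPub.Bytes())
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// The ephemeral public key goes in as associated data, so swapping it
	// fails the GCM tag instead of silently deriving the wrong key.
	return &EscrowBlob{EphemeralPub: ephPub, Nonce: nonce,
		WrappedUID: gcm.Seal(nil, nonce, uid, ephPub)}, nil
}

// RecoverUID is the escrow box side (step 5). Only the holder of the escrow
// private key derives the wrap key; any other key fails authentication.
func RecoverUID(escrowPriv *ecdh.PrivateKey, blob *EscrowBlob) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(blob.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := escrowPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	gcm, err := wrapCipher(shared, blob.EphemeralPub, escrowPriv.PublicKey().Bytes())
	if err != nil {
		return nil, err
	}
	uid, err := gcm.Open(nil, blob.Nonce, blob.WrappedUID, blob.EphemeralPub)
	if err != nil {
		return nil, fmt.Errorf("escrow: wrong private key or tampered blob: %w", err)
	}
	return uid, nil
}

func main() {
	escrow, _ := NewEscrowKey()
	uid := []byte("constructed 32-byte stand-in UID") // stands in for the fused UID key
	blob, _ := EscrowUID(escrow.PublicKey(), uid)
	got, err := RecoverUID(escrow, blob)
	fmt.Println("escrow box recovers UID:", err == nil && string(got) == string(uid))
	other, _ := NewEscrowKey()
	_, err = RecoverUID(other, blob)
	fmt.Println("any other key:", err)
}
```

Note what the private key does and does not protect against: the box cannot be made to leak the key by asking it nicely, but a second box, a backup, or an "operational timeliness" deployment to field offices all need a copy of exactly that key, and each copy unwraps every blob.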


[Oops - misread the original. Ignore this]
posted by Devonian at 6:24 AM on April 9, 2016


>"all providers of communications services and products (including software) should protect the privacy of United States persons through implementation of appropriate data security and still respect the rule of law and comply with all legal requirements and court orders"

This is self contradictory, "implementation of appropriate data security" AND "still respect the rule of law and comply with all legal requirements and court orders"

Total Govt BS, I'd expect this if we were living in an Orwellian 1984 society but we aren't.
posted by DBAPaul at 6:24 AM on April 9, 2016


2) Air gap the device in a secure storage area.

Let's ask Edward Snowden what could go wrong.
posted by Pope Guilty at 6:34 AM on April 9, 2016 [11 favorites]


Someone made the point "it's all Math". It's actually "math" plus the careful implementation of the math without making any mistakes (bugs) and anticipating technologically advancements of the next 20+ years. Secure is actually pretty darned hard.
posted by sammyo at 6:36 AM on April 9, 2016 [3 favorites]


So, not only did Ed Snowden uncover a massive spying operation, he's also continual living proof against the "Trust us, we're the government, we'll keep it secret" argument.
posted by leotrotsky at 6:38 AM on April 9, 2016 [6 favorites]


Let's ask Edward Snowden what could go wrong.

An Edward Snowden would have to steal the whole device and at that point I'm pretty sure that with alarms going they wouldn't make it very far.
posted by Talez at 6:39 AM on April 9, 2016


One problem with Talez' magic box is that it ends up holding all the keys to the kingdom. If it does get stolen then what? Or if it breaks, then what? And I doubt very much that the acronyms would be happy with just one box - they'd demand banks of them, geographically dispersed, for 'operational timeliness' or similar, because to them the existence of lots of encrypted data looks just like the Enigma data did to BP - you don't want just one bombe.

The idea that the government would be content depending on a single instance of a private key it didn't know is not consistent with its observable behaviour to date.

[ETA - 'with alarms going off...'; as you know, professor, the best thieves know where the alarms are, because they were responsible for putting them in. Good security depends on not having unknowable secrets, except where guaranteed by the laws of mathematics]
posted by Devonian at 6:39 AM on April 9, 2016 [9 favorites]


I mean don't get me wrong I don't want the government anywhere near my private shit. But Apple's ability to resist attack from someone who has the device is astounding and saying you couldn't use the same techniques to build a secure escrow method is completely fallacious.
posted by Talez at 6:40 AM on April 9, 2016


One problem with Talez' magic box is that it ends up holding all the keys to the kingdom. If it does get stolen then what? Or if it breaks, then what? And I doubt very much that the acronyms would be happy with just one box - they'd demand banks of them, geographically dispersed, for 'operational timeliness' or similar, because to them the existence of lots of encrypted data looks just like the Enigma data did to BP - you don't want just one bombe.

That's what we have now. Just replace "the government" with "Apple".
posted by Talez at 6:41 AM on April 9, 2016


But Apple - and others - are working steadfastly to remove their own ability to read data, for reasons that - as Dr Strangelove puts it - at this moment must be all too obvious. The state is trying to stop this from happening, permanently, through the law.

So no, that's not what we have now.
posted by Devonian at 6:48 AM on April 9, 2016 [2 favorites]


It's absolutely what we have now. The "keys to the kingdom" is the Apple Root CA private key. You get that, you have everything. I suspect there's some room in Apple with four layers of doors, burly security guards, and biometric authentication with an iMac whose only purpose is to sign LLB before release.
posted by Talez at 6:50 AM on April 9, 2016 [1 favorite]


If the bill does require insecure software, I wonder who will be liable if a 3rd party uses the government-mandated vulnerability to commit a crime.
posted by lorimt at 6:50 AM on April 9, 2016 [3 favorites]


[ETA - 'with alarms going off...'; as you know, professor, the best thieves know where the alarms are, because they were responsible for putting them in. Good security depends on not having unknowable secrets, except where guaranteed by the laws of mathematics]

Oh come on. Snowden (thankfully) got out because he had a two week head start.
posted by Talez at 7:01 AM on April 9, 2016


I suspect there's some room in Apple with four layers of doors, burly security guards, and biometric

And a copy in the back left hand drawer of the last software guy that fixed the last super serious bug and knows that there's going to be another superduper 3am emergency any time now.
posted by sammyo at 7:12 AM on April 9, 2016


Remember this "key" is a half page of letters and numbers. If it's briefly flashed in front of a web cam for less than a second those secure digits can be had by anyone on the internet.
posted by sammyo at 7:16 AM on April 9, 2016 [3 favorites]


The FBI revealed that its networks have been hacked by a sophisticated actor since 2011. Doesn't sound like a good place to store your escrow keys, air gap or no (e.g. Stuxnet).
posted by RobotVoodooPower at 7:32 AM on April 9, 2016 [7 favorites]


And a copy in the back left hand drawer of the last software guy that fixed the last super serious bug and know that there's going to be another superduper 3am emergency any time now.

Remember this "key" is a half page of letters and numbers. If it's briefly flashed in front of a web cam for less than a second those secure digits can be had by anyone on the internet.

This is so obnoxiously wrong I can't even. This isn't moron SA amateur hour. Serious security people don't let you cat supersecret.key. Just like the UID key on your iPhone isn't allowed anywhere near your eyes because of the above.
posted by Talez at 7:33 AM on April 9, 2016


Don't think Snowden. Think Guy Burgess..
posted by Devonian at 7:43 AM on April 9, 2016


fwiw,* senator ron wyden says: "For the first time in America, companies that want to protect their customers with stronger security will not have that choice, they will be required by federal law per this statute to decide how to weaken their products to make Americans less safe."

---
*worse than the DMCA-TPP supporter
posted by kliuless at 8:08 AM on April 9, 2016 [2 favorites]


And I doubt very much that the acronyms would be happy with just one box - they'd demand banks of them, geographically dispersed, for 'operational timeliness' or similar, because to them the existence of lots of encrypted data looks just like the Enigma data did to BP - you don't want just one bombe.

People seemed to get caught up on the "one set of keys to the kingdom" part of Devonian's post instead of this portion, but I think this is a much bigger reason why it would never work.

Once there's a way to get data off encrypted iPhones, cops and prosecutors everywhere are going to want them for everything. One DA in Manhattan says he has 175 phones he needs unlocked. You think those are all terrorists? All ticking-time-bomb exigent circumstances cases? No, it's just that every single time you open the door to expanding any kind of government search and seizure authority purportedly for one tiny, rare exceptional situation, it ends up getting used over and over and over again. Usually to nail minorities for drug crimes, spy on protestors, and other bullshit.

If Apple actually designs their phones so that there's an available backdoor, do you think cops and DAs from around the country are going to line up and wait their turn for the one, single device that can access it? No, they'll want a ton of devices. Which means you need multiple devices that all have copies of the private key. Which means you need some way to repeatedly generate the private key inside the secure enclave of those devices - either direct instructions on how to etch it onto silicon/burn it into the ROM/whatever, or a deterministic algorithm to generate keys and the particular seed that will generate the private key you want. Which can be stolen, leaked, placed at the hands of people subject to blackmail and extortion, etc.

Which is one of the reasons it's a bad idea to design in a backdoor!
posted by cobra_high_tigers at 10:26 AM on April 9, 2016 [16 favorites]


I mean I guess that's a different variation on the one set of keys to the kingdom issue. I'm just saying the set of keys wouldn't be a single reasonably secure device somewhere, because law enforcement in the US would never be satisfied with only a single device. So you'd need a less secure way of making more of those devices, which would be much more vulnerable instead.
posted by cobra_high_tigers at 10:28 AM on April 9, 2016


Key escrow is a bad idea, but I agree with Talez that it does seem possible to implement, but the implementers would have to be paranoid tech security types; the same ones that designed whatever procedures there are around securing Apple's master key, or Verisign's root key, or whatever. Sony's entire network got pwned in the most dramatic way possible and their master keys still remained secure, so far as we know.

but yeah, the probability of a real-world implementation by law enforcement actually doing it halfway securely seems low. Even if there's only one chip, someone will have the bright idea to build a convenient web portal...
posted by BungaDunga at 11:08 AM on April 9, 2016


FBI Quietly Admits to Multi-Year APT Attack, Sensitive Data Stolen
  via observations that the FBI wants to hold these "golden keys".

In the same vein, Moxie Marlinspike once observed the OPM hack might've involved the Dual EC_DRBG backdoor created by the NSA. We dunno if that's true, but if so that makes the NSA's clever "nobody but us" backdoor responsible for one of the worst intelligence debacles in U.S. history (previous discussion).   LOL
posted by jeffburdges at 11:26 AM on April 9, 2016 [9 favorites]


Thing is, Apple doesn't want to have any access to the data. It wants to evolve a way of having some crypto in its products that it cannot bypass. It can at the moment, which nobody else can do, which is the pressure point the Feds are pressing.

I think that at some point fairly soon, Apple will be at the stage where it can deploy an untouchable crypto core. I'm not up on the state of the art of provable systems, nor do I know enough details of Apple's current implementation, but I can see one possible path to producing something which will have a component that Apple cannot update in the field, that does the core functions, and that has been mathematically proven to do that job and no other. At which point, Apple can say that it simply cannot comply with government requests, and there are 30 million units out there already, so can we move on?

I think the probability of this development happening soon is why the law is being proposed so quickly, and so badly, because they want something, no matter what, which will halt the process. And, once enshrined in law, no matter how limited and how magically girded about by airgapped single servers guarded by angels with flaming swords, it will spread out, and the bad guys will use whatever crypto they want, and the rest of us will just wait for the inevitable mammoth fuck-up.

Because this is what has happened in the past, because people.

It is a bad idea to put your reactor system beneath a thermal exhaust port. It is a TERRIBLE idea to write that into the building code.
posted by Devonian at 11:44 AM on April 9, 2016 [9 favorites]


Via CCIA, I see that California also has a bill that would outlaw the sale of encrypted smartphones in the state.

Seems to me the federal one has zero chance of passing into law in anything like the demented form with which we've been presented: There are responsible adults around there somewhere, I think. They'll have to try again, in a year or two maybe? But I wonder how likely to do stupid things the California legislature is feeling lately.

I've just pressed the "encrypt" button on my phone for the first time. There's not much of any importance on it, but all this advertising for the idea finally got to me, I guess.
posted by sfenders at 2:02 PM on April 9, 2016


"Trust us, we're the government, we'll keep it secret"...yeah...about your SF-86 (security clearance) where you disclose everything about your finances, sexual history, mental health history, academic record, recreational drug use, marital problems...sorry. We gave it to the Chinese. Our bad. We're gonna make it right, though. Do you want 1 free year of limited commercial identity protection?

Every time someone suggests the government can hold the keys, just say "OPM" and spit.
posted by j_curiouser at 2:14 PM on April 9, 2016 [12 favorites]


Sony's entire network got pwned in the most dramatic way possible and their master keys still remained secure, so far as we know.

That's because any company that's remotely security conscious has moved on to Hardware Security Modules. Nobody sees keys anymore. System administrators don't get access to shit. You get access to a device that can use a key for you on your behalf for an authorized purpose but you never actually see the private key.

Smart cards? SIM cards? They're all secure cryptoprocessors much like the Secure Enclave in your iPhone and their primary purpose is to resist attempts to access the secret stored on the chip while allowing encryption and verification operations to take place.

I think that at some point fairly soon, Apple will be at the stage where it can deploy an untouchable crypto core. I'm not up on the state of the art of provable systems, nor do I know enough details of Apple's current implementation, but I can see one possible path to producing something which will have a component that Apple cannot update in the field, that does the core functions, and that has been mathematically proven to do that job and no other. At which point, Apple can say that it simply cannot comply with government requests, and there are 30 million units out there already, so can we move on?

The biggest problem is that when you deploy something untouchable you also deploy something you can't fix. Apple already has one part of the iPhone that's completely static, the boot ROM (SecureROM). On the plus side there hasn't been a (known) SecureROM exploit since the iPhone 4.

The Secure Enclave firmware could be made read only but we last saw an update to it in iOS 8.1.1 and no doubt Apple are constantly still hardening it.
posted by Talez at 2:37 PM on April 9, 2016 [2 favorites]
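The point Talez makes here (and earlier, about nobody being able to `cat supersecret.key`) is that the operator is handed an interface to a key, not the key. The following is an added illustration, not code from the thread or from any HSM vendor: a toy in-process module where the secret lives only inside the object, every use must name a purpose the key's policy allows, export is refused unless the key was created exportable, and every decision is written to an audit trail. It uses HMAC-SHA256 as the stand-in cryptographic operation so it runs with the standard library alone; the class and method names are assumptions for this example.

```python
"""Toy model of an HSM-style key-use interface (constructed example).

The secret never leaves the module: callers hold an opaque handle and ask
the module to sign or verify for a declared purpose that the key's usage
policy permits. This mirrors the thread's point that administrators get a
device that uses the key on their behalf, not the key itself.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


class PolicyViolation(Exception):
    """Raised when an operation is not permitted by the key's usage policy."""


@dataclass
class _KeyRecord:
    # Key bytes live only here; nothing outside the module returns them.
    secret: bytes
    allowed_purposes: frozenset
    exportable: bool = False


class ToyHSM:
    """Minimal stand-in for a hardware security module (hypothetical API)."""

    def __init__(self):
        self._keys = {}    # opaque handle -> _KeyRecord
        self._audit = []   # (handle, purpose, outcome) tuples

    def generate_key(self, allowed_purposes, exportable=False):
        """Create a 256-bit HMAC key inside the module; return only a handle."""
        handle = "key-%04d" % (len(self._keys) + 1)
        self._keys[handle] = _KeyRecord(
            secret=os.urandom(32),
            allowed_purposes=frozenset(allowed_purposes),
            exportable=exportable,
        )
        return handle

    def sign(self, handle, purpose, message):
        """HMAC-SHA256 over message, only if `purpose` is in the key's policy."""
        rec = self._authorize(handle, purpose)
        return hmac.new(rec.secret, message, hashlib.sha256).digest()

    def verify(self, handle, purpose, message, tag):
        """Constant-time check of a tag produced by sign()."""
        rec = self._authorize(handle, purpose)
        expected = hmac.new(rec.secret, message, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    def export(self, handle):
        """Only keys created as exportable can ever leave the module."""
        rec = self._keys[handle]
        if not rec.exportable:
            self._audit.append((handle, "export", "denied"))
            raise PolicyViolation("key %s is not exportable" % handle)
        self._audit.append((handle, "export", "ok"))
        return rec.secret

    def audit_log(self):
        return list(self._audit)

    def _authorize(self, handle, purpose):
        rec = self._keys[handle]
        if purpose not in rec.allowed_purposes:
            self._audit.append((handle, purpose, "denied"))
            raise PolicyViolation("key %s may not be used for %s" % (handle, purpose))
        self._audit.append((handle, purpose, "ok"))
        return rec


def demo():
    """Exercise the module with a constructed release-signing key."""
    hsm = ToyHSM()
    h = hsm.generate_key({"sign-release", "verify-release"})
    payload = b"firmware-1.0.bin"            # constructed sample input
    tag = hsm.sign(h, "sign-release", payload)
    ok = hsm.verify(h, "verify-release", payload, tag)
    tampered = hsm.verify(h, "verify-release", payload + b"-evil", tag)
    try:
        hsm.sign(h, "decrypt-user-data", payload)   # purpose not in policy
        misuse_blocked = False
    except PolicyViolation:
        misuse_blocked = True
    try:
        hsm.export(h)                                # key is not exportable
        export_blocked = False
    except PolicyViolation:
        export_blocked = True
    return {
        "ok": ok,
        "tampered": tampered,
        "misuse_blocked": misuse_blocked,
        "export_blocked": export_blocked,
        "audit": hsm.audit_log(),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The design choice worth noticing is that the handle is just a string: an administrator who can call `sign` for an authorized purpose still cannot turn that into the key bytes, and an attempt to use the key for an unlisted purpose fails and leaves a denied entry in the log. Real modules enforce the same separation in hardware and add operator quorum requirements for anything that changes policy.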


I don't think Apple can actually make a phone that is 1) updateable and 2) secure against a future Evil Apple. Even if the cryptosystem is secure, there's the entire rest of the software stack to pwn with an evil update as soon as it's unlocked and online.
posted by BungaDunga at 4:37 PM on April 9, 2016 [1 favorite]


Where's the EFF's model legislation on this?

Here's mine:

.
posted by ocschwar at 4:47 PM on April 9, 2016 [1 favorite]


Key escrow is a bad idea, but I agree with Talez that it does seem possible to implement, but the implementers would have to be paranoid tech security types; the same ones that designed whatever procedures there are around securing Apple's master key, or Verisign's root key, or whatever. Sony's entire network got pwned in the most dramatic way possible and their master keys still remained secure, so far as we know.

Except it's a version of the IRA quote about bombings: the attackers need to get lucky just once and it's game over.
posted by MikeKD at 4:49 PM on April 9, 2016 [2 favorites]


Oh, and air gapping isn't necessarily a perfect solution either, even with a "secure storage area" (because today's secure storage area might not be secure in the future because of new attacks discovered).
posted by MikeKD at 4:55 PM on April 9, 2016 [2 favorites]


How is Feinstein still the Senator from California? She has the record of a Joe Manchin in the 2nd or 3rd most liberal state in the country

Bunch of people have said similar things.

Feinstein isn't remotely close to Manchin's voting record. On an ideological scale of 0.00 to 1.00 with 0.00 being the most liberal voting record in the Senate and 1.00 the most conservative, Feinstein clocks in at 0.16 and Manchin 0.46. So Feinstein is one of the more liberal Senators on most issues.

She's wrong here, and she's wrong on a lot of national security type stuff. That doesn't make her record a conservative one most of the time. Frankly, I bet I could find an issue or two where most liberal senators are disappointments.

Could we (as a Californian) replace her with somebody better? Probably, and I hope we eventually do. But I'm not wearing blinders and pretending she's got a record like Manchin, Pryor, or Murkowski.
posted by Justinian at 5:46 PM on April 9, 2016 [4 favorites]


Since someone brought up secure elements, I had this floating around in my bookmarks, might as well post it: “Tamper-Proof” Chips, with Some Work, Might Give Up Their Secrets

Which, you know, is one thing if you're talking about having to go through this delicate process every time local police nab some small time schmuck selling drugs, but if it's the key to the kingdom, well...
posted by indubitable at 5:51 PM on April 9, 2016 [2 favorites]


Also, if you'd like to hear from an actual cryptographer on what attempting to implement backdoors might look like: How do we build encryption backdoors?
posted by indubitable at 6:21 PM on April 9, 2016


There is almost no conceivable backdoor more secure than the NSA's Dual EC_DRBG trick, Talez. Yet, it was clearly re-purposed by an adversary in the Juniper hack, and conceivably it contributed to the OPM hack. Also, attack vectors would multiply like rabbits if law enforcement were given any ability to request decryption. If PRNGs besides Dual EC_DRBG were outlawed, then Russia and China would deploy their own constant for spying upon their own populations, wrecking our HUMINT there. And they'd sneak their constants into specific devices from time to time too.

It's hilarious watching the administrations attempting to ignore the OPM hack, j_curiouser. It'd cost them way less if all those SF-86 were simply published by wikileaks. As is, there is a major foreign power like China or Russia who can easily analyze everyone involved with any given project to learn both who they can influence, how best to do it, and foresee how to avoid it triggering any counter-intelligence, basically giving that adversary an amazing HUMINT game.
posted by jeffburdges at 6:50 PM on April 9, 2016 [4 favorites]


yeah, jb, the media and administration are just...crickets on OPM. It's without question a bigger national security (as opposed to oops-4th-amendment) disaster than Snowden, and may *actually* cost lives. It's a mystery to me why the last 10-15 years of GS Directors, CIOs, and contractor-integrators aren't facing criminal charges. In addition, there are at least 3 consecutive DAAs that need jail time.

Ars has the best coverage I can find.
posted by j_curiouser at 8:18 PM on April 9, 2016 [6 favorites]


Who out there is supporting the position that our individual security trumps that of potential terrorist use? Anyone? Bueller...?
posted by Windopaene at 6:08 PM on April 10, 2016


I don't think Apple can actually make a phone that is 1) updateable and 2) secure against a future Evil Apple.

The nice thing is that we'll know when they've made the transition when the logo sprouts a goatee
posted by DoctorFedora at 10:56 PM on April 10, 2016 [1 favorite]


Like this?
posted by homunculus at 11:04 PM on April 10, 2016 [2 favorites]


Who out there is supporting the position that our individual security trumps that of potential terrorist use? Anyone? Bueller...?

Who out there is supporting the position that we should sacrifice our own security, as potential terrorists will already have the good stuff?

These laws are never about "terrists". They're about being able to throw things at citizens who get out of line.
posted by maxwelton at 12:35 AM on April 11, 2016 [2 favorites]


Aside from the OPM hack being repeated continually, we'll all enjoy more stories like Explicit 'furry' podcast airs on US radio after 'hack' if they pass this legislation. lol

ACLU : Another Privacy Canary in the Coal Mines?

UK government advises using encrypted communications and burner phones.
posted by jeffburdges at 2:46 PM on April 11, 2016


I haven't seen this anywhere on here yet. If I missed it, apologies.

Canada's federal policing agency has had a global encryption key for BlackBerry devices since 2010. - VICE
posted by ODiV at 1:11 PM on April 15, 2016