Tech giants say UK spy agency’s encryption proposal as threat to security and human rights

A proposal from a British spy agency to allow law enforcement access to encrypted communications in certain cases “poses serious threats to cybersecurity and fundamental human rights including privacy and free expression,” a group of security researchers, civil liberties groups, and tech giants like Apple, Google, and Microsoft, have warned. In an open letter to GCHQ, the United Kingdom’s signals intelligence agency, the coalition of tech organizations rejected the agency’s suggestion that adding a law enforcement official to a group chat or call would not threaten civil liberties or the security of encrypted messaging services. If implemented, the GCHQ proposal would “undermine the authentication process that enables users to verify that they are communicating with the right people, introduce potential unintentional vulnerabilities, and increase risks that communications systems could be abused or misused,” states the letter, which was made public this week. Other signatories include Human Rights Watch, Reporters Without […]

The post Tech giants say UK spy agency’s encryption proposal as threat to security and human rights appeared first on CyberScoop.

Continue reading Tech giants say UK spy agency’s encryption proposal as threat to security and human rights

Australia passes world’s first law authorizing encryption backdoors

Australia’s Parliament on Thursday passed the world’s first law requiring technology companies to give law enforcement officials access to encrypted messages and communications. The law authorizes police to compel companies to create a security vulnerability, often called a backdoor, that would give investigators access to an individual’s communication without that person’s knowledge. It marks a major milestone in the so-called “crypto wars” over the public’s ability to “go dark” via the powerful encryption available on commercial devices. Authorities in Australia, U.S., and U.K. for years have argued such access is necessary to help police combat encryption in modern technology that protects them from traditional interception techniques. Privacy advocates, technologists and businesses including Apple have criticized the Australian bill and similar proposals elsewhere, saying such plans would introduce portals for government abuse and malicious hackers alike. Companies that fail to obey the law risk being fined. “This ensures that our national security […]

The post Australia passes world’s first law authorizing encryption backdoors appeared first on Cyberscoop.

Continue reading Australia passes world’s first law authorizing encryption backdoors

Rosenstein warns encryption can be ‘significant detriment’ to public safety

U.S. Deputy Attorney General Rod Rosenstein warned technology companies that Americans will not accept a culture in which encryption makes it impossible for law enforcement to investigate crimes, the latest comments in a long effort by the Department of Justice to find a way around end-to-end encryption. In a speech Thursday, Rosenstein urged tech firms to develop technology that keeps users’ data and communication as secure as possible, while also maintaining the ability to provide that information to law enforcement if it’s tied to an investigation. Firms including Apple, WhatsApp and others have introduced end-to-end encryption, a security measure that renders messages unreadable except to the sender and recipient. That type of technology is having “a dramatic impact on our cases, to the significant detriment of public safety,” Rosenstein said. Rosenstein’s remarks at Georgetown University Law Center’s Cybercrime Conference come amid the years-long “Going Dark” debate in which the public […]

The post Rosenstein warns encryption can be ‘significant detriment’ to public safety appeared first on Cyberscoop.

Continue reading Rosenstein warns encryption can be ‘significant detriment’ to public safety

Congress wants to prevent states from weakening encryption

A bipartisan group of House lawmakers has reintroduced legislation that would preempt any attempts by states to weaken encryption. The bill would bar states from compelling a tech company to “design or alter the security functions in its product or service to allow the surveillance of any user of such product or service,” according to its text. Republican Reps. Mike Bishop of Michigan and Jim Jordan of Ohio and Democratic Reps. Ted Lieu of California and Suzan DelBene of Washington are the bill’s sponsors. The bill also would keep states from prohibiting the sale of products or services with strong encryption. Lieu introduced the legislation in 2016, but it stalled during that congressional session. Law enforcement officials have said strong encryption has hampered numerous investigations by thwarting access to a suspect’s communications. However, those claims were undercut after the FBI admitted in May it had vastly overstated the number of encrypted devices […]

The post Congress wants to prevent states from weakening encryption appeared first on Cyberscoop.

Continue reading Congress wants to prevent states from weakening encryption

In the dark about ‘going dark’

We can now add “a growing lack of trustworthiness on encryption-related topics” to the FBI’s list of problems. Recent reports have shown the FBI’s encryption argument is not only wrong, but greatly exaggerates the problem’s magnitude. This comes on the heels of a shocking report by the Department of Justice’s Inspector General, suggesting that some FBI staff purposely slowed efforts to unlock Syed Rizwan Farook’s iPhone in the aftermath of the San Bernardino shooting to pressure Apple to build a backdoor. These two episodes are troubling; lawmakers should demand a thorough accounting of the FBI’s actions and the public deserves full transparency about the true nature of the FBI’s encryption problem. The FBI and DOJ have long argued that the proliferation of end-to-end encryption — whereby only the user can access the plain text of their data — allows criminals to “go dark,” operating beyond law enforcement’s reach. Cybersecurity experts […]

The post In the dark about ‘going dark’ appeared first on Cyberscoop.

Continue reading In the dark about ‘going dark’

Government would be barred from mandating crypto backdoors under House bill

A bipartisan group of House lawmakers on Thursday reintroduced legislation that would bar the government from mandating “backdoors” — configurations that enable surveillance — in commercial software and hardware products. The move is the latest salvo in a long-running legislative fight over law enforcement access to encrypted communications, and it comes after a Senate committee recently sought input from big technology firms on regulating encryption. Law enforcement officials say encryption has hampered investigations by preventing access to suspects’ communications, while cryptographers warn that weakening encryption could greatly undercut digital security for everyday people. “It is troubling that law enforcement agencies appear to be more interested in compelling U.S. companies to weaken their product security than using already available technological solutions to gain access to encrypted devices and services,” Rep. Zoe Lofgren, D-Calif., one of the bill’s sponsors, said in a statement. She introduced the bill in 2014 and has repeatedly sounded the alarm […]

The post Government would be barred from mandating crypto backdoors under House bill appeared first on Cyberscoop.

Continue reading Government would be barred from mandating crypto backdoors under House bill

Lawmakers Call FBI’s ‘Going Dark’ Narrative ‘Highly Questionable’ After Motherboard Shows Cops Can Easily Hack iPhones

US lawmakers have asked FBI Director Christopher Wray to answer questions around phone unlocking technology, after Motherboard found agencies have bought tools to crack iPhones. Continue reading Lawmakers Call FBI’s ‘Going Dark’ Narrative ‘Highly Questionable’ After Motherboard Shows Cops Can Easily Hack iPhones

Congress wants answers on FBI’s ‘going dark’ problem in wake of DOJ IG report

A bipartisan group of House lawmakers wrote to FBI Director Christopher Wray Friday slamming the FBI’s handling of the San Bernardino shooter’s locked iPhone, adding that the bureau’s claim that it couldn’t bypass encryption on some 7,800 devices last year “seems highly questionable.” The lawmakers said a recent Justice Department inspector general report on the subject “undermines statements that the FBI made during the San Bernardino litigation and consistently since then, that only the device manufacturer could provide a solution.” The report found that some bureau officials didn’t want to find a solution because it could undercut FBI efforts to legally compel Apple to break the device’s encryption. The letter could further inflame the debate over the “going dark” issue, which posits that criminal investigations are often thwarted due to law enforcement’s inability to bypass encryption. CyberScoop recently reported that a Senate panel could be drawing up a new bill on the subject. Signatories of the letter include […]

The post Congress wants answers on FBI’s ‘going dark’ problem in wake of DOJ IG report appeared first on Cyberscoop.

Continue reading Congress wants answers on FBI’s ‘going dark’ problem in wake of DOJ IG report

FBI has unit solely devoted to its ‘going dark’ problem

The FBI has formed a unit inside its Operational Technology Division (OTD) to specifically address law enforcement’s efforts to bypass encryption on various devices, a problem it refers to as “going dark.” The unit comes as a result of a Justice Department’s Inspector General report that finds poor communication within the FBI during its prolonged encryption battle with Apple in 2016. The new “going dark” unit is designed to help streamline technical investigations within the FBI, including finding a weak point into various iPhone models. The IG issued a report Tuesday that examines the FBI’s work during the San Bernardino terror attack investigation. That investigation led to a subsequent debate over the FBI’s inability to access shooter Syed Farook’s iPhone. The device, an iPhone5c, was protected by built-in encryption. The report concluded that none of the FBI’s public testimony was false — they did not have the capability to access the iPhone’s contents — but poor […]

The post FBI has unit solely devoted to its ‘going dark’ problem appeared first on Cyberscoop.

Continue reading FBI has unit solely devoted to its ‘going dark’ problem

FBI Barely Tried to Hack San Bernardino iPhone Before Going To Court With Apple

A new report by the Department of Justice’s Office of Inspector General found that the FBI could have done more before going to court and arguing it needed Apple’s help to unlock an alleged terrorist’s phone. Continue reading FBI Barely Tried to Hack San Bernardino iPhone Before Going To Court With Apple