The national intelligence services of the United States, the United Kingdom, Australia, Canada, and New Zealand have joined forces to support legislation requiring makers of encryption software to incorporate defects into their products so as to allow surveillance agencies (such as law-enforcement and espionage operations) to seize and decrypt communications between users of the software.
“Statement of Principles on Access to Evidence and Encryption”
Department of Home Affairs, Australian Government, August 29, 2018
The Governments of the Five Eyes encourage information and communications technology service providers to voluntarily establish lawful access solutions to their products and services they operate in our countries. …
Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions.
Of course, in the United States, any government access to private communications is unlawful, indeed unconstitutional, unless it is supported by a warrant, endorsed by a judge of the relevant jurisdiction, “upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” Unfortunately, in this context, ‘lawful’ is simply a stylistic variant of ‘government’, not referring to any actual law. The threat to resort to system cracking if backdoor entries to encryption systems aren't provided reinforces this obvious indifference to the rights of citizens and subjects.
“Five-Eyes Intelligence Services Choose Surveillance over Security”
Bruce Schneier, Schneier on Security, September 6, 2018
To put it bluntly, this is reckless and shortsighted. I've repeatedly written about why this can't be done technically, and why trying results in insecurity. But there's a greater principle at first: we need to decide, as nations and as society, to put defense first. We need a “defense dominant” strategy for securing the Internet and everything attached to it.
This is important. Our national security depends on the security of our technologies. Demanding that technology companies add backdoors to computers and communication systems puts us all at risk. We need to understand that these systems are too critical to our society and — now that they can affect the world in a direct physical manner — affect our lives and property as well.
Cory Doctorow, Boing Boing, September 5, 2018
It is impossible to overstate how bonkers the idea of sabotaging cryptography is to people who understand information security. If you want to secure your sensitive data either at rest — on your hard drive, in the cloud, on that phone you left on the train last week and never saw again — or on the wire, when you're sending it to your doctor or your bank or to your work colleagues, you have to use good cryptography. Use deliberately compromised cryptography, that has a back door that only the “good guys” are supposed to have the keys to, and you have effectively no security. You might as well skywrite it as encrypt it with pre-broken, sabotaged encryption. …
Cryptography [is] the basis for all trust and security in the 21st century.
But of course. It's not a bug — it's a feature.
“Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States”
Kim Zetter, Motherboard, July 17, 2018
The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them.
In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had “provided pcAnywhere remote connection software … to a small number of customers between 2000 and 2006,” which was installed on the election-management system ES&S sold them.
The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. …
ES&S customers who had pcAnywhere installed also had modems on their election-management systems so ES&S technicians could dial into the systems and use the software to troubleshoot, thereby creating a potential point of entry for hackers as well.
In May 2006 in Allegheny County, Pennsylvania, ES&S technicians used the pcAnywhere software installed on that county's election-management system for hours trying to reconcile vote discrepancies in a local election, according to a report filed at the time. And in a contract with Michigan, which covered 2006 to 2009, ES&S discussed its use of pcAnywhere and modems for this purpose. …
In 2006, the same period when ES&S says it was still installing pcAnywhere on election systems, hackers stole the source code for the pcAnywhere software …
Security researchers discovered a critical vulnerability in pcAnywhere that would allow an attacker to seize control of a system that had the software installed on it, without needing to authenticate themselves to the system with a password. And other researchers with the security firm Rapid7 scanned the internet for any computers that were online and had pcAnywhere installed on them and found nearly 150,000 were configured in a way that would allow direct access to them. …
In its letter to Wyden, ES&S defended its installation of pcAnywhere, saying that during the time it installed the software on customer machines prior to 2006, this was “considered an accepted practice by numerous technology companies, including other voting system manufacturers.”
That's the problem, all right. My guess is that installing remote-access backdoors is still a universal practice among makers of proprietary election-management devices, though perhaps “accepted” is no longer the right word for it. There's an obvious need for remote access in this day and age: Without it, how would the managers of elections be able to determine their outcomes?
The Institute of Electrical and Electronic Engineers has issued a straightforward statement endorsing the use of strong encryption both by governments and by individuals and opposing requirements to insert backdoors into software packages that implement strong encryption.
“In Support of Strong Encryption”
IEEE Board of Directors, IEEE, June 24, 2018
Exceptional access mechanisms would create risks by allowing malicious actors to exploit weakened systems or embedded vulnerabilities for nefarious purposes. Knowing that exceptional access mechanisms exist would allow malicious actors to focus on finding and exploiting them. Centralized key escrow schemes would create the risk that an adversary would have an opportunity to compromise security of all participants, including those who were not specifically targeted. …
Efforts to constrain strong encryption or introduce key escrow schemes into consumer products can have long-term negative effects on the privacy, security, and civil liberties of the citizens so regulated. Encryption is used worldwide, and not all countries or institutions would honour the policy-based protections that exceptional access mechanisms would require. A purpose that one country might consider lawful and in its national interest could be considered by other countries to be illegal or in conflict with their standards and interests.
Eight vignettes from a foreseeable future.
Cory Doctorow, this., August 17, 2017
A research team at Boston University has discovered a technique for partially encrypting messages so as to make decryption extremely expensive, but not impossible. They call their partial-encryption system “cryptographic crumpling.” The computation required to decrypt a message prepared by this technique is useless in the decryption of any other message, so there are no economies of scale — the decryptor must pay the high computational price all over again for each new message.
The researchers offer their system as a way of resolving the “second crypto wars” between government officials, who insist that the makers of all commercial-grade encryption software must provide back doors for law-enforcement and national-security agencies, and privacy advocates, who insist that only strong, end-to-end encryption will protect their rights. The researchers argue that their system would allow well-funded government agencies to access the partially encrypted data in exceptional cases, but would force those agencies to choose their targets so carefully that the privacy rights of ordinary users would not be significantly affected.
But this proposal doesn't really accommodate either side. Government officials say they need to decrypt messages that could contain evidence of crime or terrorism regardless of how many such messages there are, and so would not be content with a system in which their budget constrains their ability to decrypt. And privacy advocates would surely note that if government officials with legitimate interests in the contents of communications were able to perform the decryptions, so too would corporations bent on industrial espionage, hostile foreign governments, and even well-funded hacking teams. A back door works equally well for everyone who has the resources to open it.
Such failed attempts at compromise reinforce the conclusion (which most security analysts reached long ago) that the requirements of government officials and privacy advocates are incompatible.
“Cryptographic Crumpling: The Encryption ‘Middle Ground’ for Government Surveillance”
Charlie Osborne, Zero Day, March 19, 2018