FBI's crypto backdoor plans require them to win the war on general purpose computing


#1

[Permalink]


#2

More to the point, you would have to ban development systems like the pi and the beaglebone, so that people can’t just pay 40 bucks to be root on their own machine. Do that and you stop people developing new devices, forever.


#3

Jesus America, wtf is wrong with you? If you want to become a totalitarian regime you should take some lessons from North Korea they have been is this business longer.


#4

Taking the “Damning with faint praise” approach to kill popularity, I wonder if we could get the Westboro Baptist Church to take up the cause and make some slogans:

Turing Complete is Completely UnAmerican!

Down With Recursive Enumeration!

Stop the Halting Problem!

God Hates P ≠ NP

The DES Keys to the Kingdom of Heaven Lie Open to All! (John 3.16 verse 0xE0E0E0E0F1F1F1F1)


#5

I agree that it’s probably futile to ban cryptography, as it’s tantamount to banning knowledge generally, which tends to be impossible.

But my more important, pedantic point: For the sake of legibility, please capitalize brand names in the same manner as (pretty much) everyone else. It’s iOS, iPad, etc. – not Ios and Ipad. I’m sure there’s some very good reason not to have corporations impose their will on our alphanumeric conventions, or whatever, but the importance is in being understood. By all means, don’t use the ™ or ® symbols, but you should accept that brand names, acronyms, and the like will have unusual spelling and capitalization, and that’s how people recognize them. For good or ill.


#6

It’s a deliberate choice.


#7

He says “As with every style question, the primary goal is clarity,” but this goes against clarity and legibility. The difference from the norm calls attention to itself more than the branding-prescribed capitalization scheme in the first place. Might as well spell the company in Redmond “Micro$oft” and make other political points with your choice of punctuation. It’s silliness.


#8

TBH, I don’t actually care one way or the other :slight_smile: , but as a new poster, I figured you might not be aware of @doctorow’s stylistic preferences.

If you want to kick the whole idea around, best thing to do would be to start a new thread on the BBS about it.


#9

I appreciate your informative response, which confirmed that it was indeed a stylistic choice made as a political statement.

Now, I am resolved to suffer no longer under the typesetting tyranny of Toys’ Я’Us. Corporate personhood be damned! From here on out it shall be writ forwards, smooth and whole: Toys Are Us.


#10

Do you even Doctorow?


#11

Nice avatar


#12

Actually, that name is spelled correctly; it’s supposed to be pronounced “Toys Ya Us.”


#13

I’d be the first to agree that expecting to win all of the battles all of the time is trivially unrealistic(both because of specific demands from things like smartcards, which need to do crypto at low cost and virtually zero power; and the general advance of absurdly fast and cheap silicon, it’s getting pretty tricky to buy hardware that is too feeble to be used for cryptographic applications, and the theory, source code, or both, for not-terribly-full-featured-but-adequate implementations could be printed and bound in less than a bookshelf worth of space, possibly a single book); but I would be very leery of discounting the possibility of a ‘most of the people, most of the time’ win.

Consider: It is 2005. Would you believe me if I told you that, even ignoring the world of gaming consoles(which are already locked down), over a billion personal computing devices that actively refuse to run anything not cryptographically blessed by the vendor would be sold within the decade, and that they would be wildly popular? Well, that’s iOS. Not only is it the biggest lockdown ecosystem to come out of nowhere in quite some time; it’s the one that most directly went gunning for market share that relatively open personal computers previously occupied(game consoles and dumbphones have generally been locked all to hell; but tended not to compete with unlocked systems. Iphones more or less annihilated the scraps of the PalmOS and PocketPC PDA/smartphone market, and ipads went hunting for lighter-duty PCs).
Consider, also, the…less than totally inspiring… uptake of things like PGP/GNUPG, despite longstanding availability. The Cypherpunk Utopia is right there for the downloading; but basically nobody wants to RTFM(plus, it doesn’t work with webmail, and kids these days just look at you funny if you talk about ‘IMAP clients’ or ‘set the SMTP server address here’).

I’d be the first to agree that the extermination of general-purpose computing is effectively impossible: new-old-stock microcontrollers salvaged from basically anything would probably keep it going for a century or more, even if all fabrication were shut down tomorrow. However, I doubt that that is necessary to get most of what they want. A ‘CALEA 2’ law aimed at the companies that control the walled gardens would get you most of the low hanging fruit; and an ongoing campaign of exploiting implementation vulnerabilities, where available, in products that can’t be thus controlled, sowing uncertainty and risk by seeding plausible-looking but backdoored ‘secure’ projects, running malicious TOR exit nodes, etc, etc. would be quite difficult to resist.

Team Total Information Awareness loses if running a secure, all-the-fancy-crypto, configuration becomes the trivially easy out-of-the-box default, and basically anyone who doesn’t actively bludgeon their devices to do something else is running it; but so long as they can keep the mass market defaults weak or nonexistent, I suspect that the remaining population of hard cases gets a lot smaller, and thus easier to surveill by other means(even if you can’t read their messages, it’s a lot hard to hide the fact that you are sending unreadable traffic than it is to generate unreadable traffic, and it is harder still to resist more aggressive techniques like ‘implants’ being added to your hardware during shipping.)


#14

Not only that - DRM requires crypto for its functionality. They’d have to provide the tech to some and deny it to others. They’d have to use the same tech they want to deny to the users to police the users.

Then there’s the issue of rooted devices. I for one demand my toys to be under my command, and get a root whenever I can even if I don’t strictly need it, as a matter of both principle and precaution. (My new-hardware choices are strongly influenced by this requirement, too.) These would have to be stamped out; otherwise the “remote application removal” “feature” could be too easy to remove.

And then there’s another issue, of those pesky ubiquitous SoC chips, and even those little cheap boards the market is now full of. It is annoyingly easy to make a secure phone with one, using either a M2M comm module, or even a stock cellphone used only as an untrusted comm peripheral via USB or bluetooth link.

The adversary cannot win. They can be unpleasant, they can slow things down, but they technically cannot win.

Edit: It also shows that there is quite a tradeoff. We can accept a walled garden approach, and suck up all the imposed limitations in exchange of relative safety of somewhat-vetted applications, with the tradeoff of being forced into mandated insecurity. Or we can jailbreak our stuff and sideload apps, with the risk of getting exploited (as black market apps will have problems with quality control - but that can be also somewhat solved, we just need very strong reverse-engineering tools - virtual reality visualisations of code flow, where are you?) - see what China does to the alternative comm apps for iPhones, e.g. the malware used during the Hong Kong protests.
I’ll go for the latter, as the adversary at least has to attack actively (and leave forensic traces).
And I’m waiting for the apple-flavored Kool Aid drinkers to swarm out and argue that Walled Gardens Are Good.


#15

You can stuff quite some text into a cat video.
Or have encrypted text messaging in a plaintext video chat.


#16

Yeah, but even an expansion of CALEA would go a long way to getting them what they want. We’ve seen how administrative subpoenas and warrants have shutdown services like Lavabit. Heck, they could even have the FCC use its expanded powers under Title II reclassification to force ISPs to comply with law enforcement as part of a twisted concept of network neutrality and responsibility.

They can’t win exactly, but consider how many people never send encrypted emails (despite the theory being extremely well known) just because it’s difficult to do. Or consider how many people try to protect themselves but fail because of misconfiguration or other OPSEC issues. That includes criminals and terrorists and anybody else the government wants to track; actual security practice does not match what should be possible. If you make good security practice more inconvenient, fewer people will do it.


#17

Steganography is certainly a valid strategy(and endless source of amusing and creative ways of stuffing data inside other data while keeping everything conformant and normal looking; but I’d be somewhat pessimistic about its utility here(except, ironically, for certain actual-malefactor uses cases).

The trouble is that, unlike cryptography, where you can make fairly strong claims about its effectiveness(‘barring the existence of a prime factorization mechanism that runs in such-and-such time, you aren’t getting anything useful’), steganography is always security by obscurity. It might well be effective; depending on your technique and the adversary’s competence; but there is little you can do to be more or less confident in it. Worse, under a hypothetical legal framework attempting to crack down on cryptography, steganography development would be something you’d likely have to do alone/with trusted conspirators(since public development would expose your methods to The Man), while steganographic attacks could be freely developed, and likely would be, either by the adversary or for sale to them.

It would certainly work some of the time, quite possibly much of the time; but, unless the penalties for using non-backdoored crypto were so laughable that the steganography would be irrelevant, you would only need to get unlucky once in order to have the proverbial ton of bricks descend.


#18

That strongly depends on the ratio of covert to overt data. There is some math theorem in theory of communication that deals with the amount of noise (Shannon - Mathematical Theory of Communication, I think). If you operate under that ratio, and have a good conventional crypto to give you the positions of bits that carry information instead of the noise, even the best equipped adversary cannot find anything without knowing of the key - and we’re back on the floor of conventional crypto where secrecy depends or should) on the key only.

If you manage to squeeze this into a library for handling e.g. video or audio compression, then you can exploit existing comm apps; nothing in the comm protocol then will look as something out of ordinary and you’ll have a wide choice of covert channels.


#19

#20

Seems there are a bunch of WBC-sign generators out there.