Originally published at: https://boingboing.net/2018/08/17/feds-vs-facebook.html
…
The idea that various spoonfuls of the federal alphabet soup don’t already have this capacity and capability is, of course, a bit silly. To think that Facebook is ignorant of this is, of course, even sillier. In this case, it seems the Feds are publicly asking Facebook to play along with the charade in order to maintain the facade.
It’s amusing to watch, at the very least.
It’s possible that certain agencies have some way around this, but by no means certain.
Even in cases where they do, they keep pushing for bigger vulnerabilities, because they don’t want something difficult to use which they actually need a warrant for, they want something they can use on everyone in an automated setup with no oversight.
How are you so sure of this?
That’ll be interesting when they get around to something based on open source.
And in unrelated news MS13 is no longer using Facebook apps for communication. Whoduv guessed?
I’m coming round to the idea that government agencies are vastly less competent than they’d have us believe. The conspiracy, if there is one, is to make us think there is a conspiracy.
Are we really to believe that there is a pool of super smart people that we never knew that go and work for the government?
Facebook is keen to protect the privacy of its users from everyone except Facebook. /s
The downside of calling for regulation of Facebook and similar companies as telecoms is that the they will be less able to resist government requests like this one. Give the feds a foot in the door and they will soon have their fingers in the source code and their noses in everyone’s business. In some parts of the world (not excluding the US), that could be disastrous.
I’ve known a number of quite smart people who went to work at three letter agencies. However, they aren’t magic. Occasionally better funded, though.
Indeed, just as there are plenty of very smart people trying to design secure systems (like those begins WhatsApp, which I assume is what is behind fb messenger).
Experience also suggests that better funding didn’t necessarily lead to better results. If you can’t just buy a super computer, you might need to think more carefully about the problem.
If the Messenger encryption is designed right (highly likely) and implemented well (less likely) the only way the government has after-the-fact access to cleartext is if they’ve weakened the entire encryption routine (highly unlikely, but would only need to be a one-time intrusion) or they are collecting the (transient) keys of all conversations and warehousing them (unlikely and would require a persistent intrusion).
IMHO the odds are that the govt does not have a persistent ability to monitor these sorts of conversations at will, and if anything probably can only do targeted listening with prior knowledge of targets.
I was thinking about how those mathematicians at the NSA don’t have to teach classes. (Sometimes you hear things like “What if the NSA made some super-secret major advance?”.) In academic math, more funding is used to buy yourself out of teaching and so is directly tied to more time to think about your research.
I think the assumption is that common encryption algorithms like AES are actually not broken, if all you have is an encrypted message, and you don’t have the key. But you can go after other weaknesses in the whole end to end system: side-channel attacks, planting malware on the client, taking advantage of other weaknesses in wrapper protocols such as TLS, bad/insecure key management, exploiting bugs, etc. It is known that NSA pursues the ability to read encrypted traffic and probably can read a lot of it. But I guess not all of it.
True, but at the same time teaching is a very good way to consolidate understanding, often leading to new insights.
Interesting theory, do you have any sources to support it? Last I heard the math was good
When we put men on the moon a mere decade after having no satellites, there must have been a pretty sizeable pool.
Of course, that was a while ago, maybe today’s equivalents all work in silicon valley?
Sometimes, but it depends on what you are teaching and how many times you have taught it already.
Right, they clearly asked for the wrong thing and also failed to offer creative options to the court; even if it’s a moral hazard to ask for a special version of Facebook that also makes kidnapping elected officials and tracking your ask/reward of them super fun, you should be able to game up advertisement that makes leaking accounting and stuff really compelling. I mean, at least to draw a fight between the Hispanic Trump Voter and MS13 to offer counseling for the internal conflict. You could do it board-driven…just [okay, that was from the lead-out of R&M season 1 which is somehow not ep. 12]
It doesn’t sound super fun to bug something the size of .MX for ultrasonic ads in Fortnite, but it’s not impossible there either. Did the corruption interdiction people get a raft of rules that they had to be crazy dull the way they cracked things out? We did if we only order that service from Reserve Banking via Fannie Mae. Ick?
This has nothing to do with the MS13 case. They could as for decryption of the data relevant to the case but instead they have chosen to ask for the key to everyone’s messages.
This topic was automatically closed after 5 days. New replies are no longer allowed.