FBI finally gets the memo that, yes, other people can find and use mandated back doors

  • mdalin@infosec.pub
    link
    fedilink
    English
    arrow-up
    44
    ·
    13 days ago

    Important to note the “done and dusted” quote in the headline of this article (and most of the rest of the “content”) isn’t from anyone at any government agency. It comes from a guy who runs a “data encryption start-up” and is shilling his own product. Most of the “news” being covered here is just speculation from this one guy.

    The only “reversed course” from the government, as alluded to in the article, is CISA encouraging government employees to use E2EE messaging since our telecom infrastructure is basically perma-pwn’d by the Chinese.

    Government intelligence agencies would still VERY MUCH like to have backdoors in this encryption and there is nothing to indicate that has changed.

  • Snot Flickerman@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    1
    ·
    13 days ago

    The problem is that the government is speaking out of both sides of it’s mouth.

    https://www.techpolicy.press/the-fbi-wants-you-to-know-it-has-not-changed-its-position-on-encryption-and-thats-a-problem/

    Dec 20, 2024

    But at an important meeting of experts this week in Saudi Arabia, an FBI official appeared to take a different view, one that suggests the FBI’s perspective on encryption has shifted very little. The annual UN Internet Governance Forum happening in Riyadh this week was a crucial moment to talk about encryption, and the FBI convened a panel to discuss encryption in the context of child safety, of which I was a speaker and including other experts from the UK, Australia, New Zealand, and the US. During the session, FBI section chief Katie Noyes said, “We are very supportive of encryption technologies. We just want them to be managed in a way, much like in telecommunications.”

    Similarly, in a video posted by the agency two weeks ago, FBI Assistant Director Bryan Vorndran said, “The FBI has been really, really consistent about our stance on lawful access encryption. We’re actually big, big supporters of it, but it has to be reasonably responsibly managed so that we can get what we need on the other side.”


    This source is a little older, but it also shows why it’s not as simple as the US just getting over it. There are information sharing agreements among the Five Eyes that pushes them all toward backdoor encryption access. This is an older article, but it helps confirm that these five countries are hardline gunning down the path towards encryption backdoors and hasn’t ever really stopped. It will take more than Salt Typhoon for them to really get the message I think.

    https://www.cnbc.com/2020/10/12/five-eyes-warn-tech-firms-that-encryption-creates-severe-risks.html

    Ministers from the U.S., U.K., Canada, Australia and New Zealand published a statement Sunday calling on the tech industry to develop a solution that enabled law enforcement to access tightly encrypted messages.

    “We urge industry to address our serious concerns where encryption is applied in a way that wholly precludes any legal access to content,” the statement, which was signed by U.S. Attorney General William Barr and U.K. Home Secretary Priti Patel, said.

    • plasticcheese@lemmy.one
      link
      fedilink
      English
      arrow-up
      31
      ·
      13 days ago

      “We are very supportive of encryption technologies. We just want them to be managed in a way, much like in telecommunications.”

      I just threw up a little bit

      • winterayars@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        12 days ago

        Yeah that telecommunications part is working out great right now, huh? Well, i guess we just gotta keep fighting them.

  • SevenSkalls [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    8
    ·
    13 days ago

    Took them long enough. The government is still too stupid to deal with technology if it took them this long to start realizing back doors are bad for security.

  • style99@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    13
    ·
    13 days ago

    Considering anyone who isn’t an idiot already uses steganography for security, who is this for?

    • floofloof@lemmy.ca
      link
      fedilink
      English
      arrow-up
      26
      ·
      13 days ago

      I don’t understand your comment. Steganography in computing is about hiding messages inside other media, but this doesn’t in itself achieve any kind of encryption. The current discussion is about encryption, and whether it should have backdoors (the answer is no). Even if you hide your message in an image or video file, you still face the question of how to encrypt it. So steganography seems orthogonal to the debate about encryption.

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      12 days ago

      According to you, only a half dozen of people are not idiots on this world, correct?

      why would everyone, or even just I as a kind of technically adept person, use steganography daily? what problem does it solve?