We Demand Compromised Security!

A few weeks ago, Apple announced that their new OS encrypts data so that Apple literally can not access it without the user’s permission. Google followed by announcing their new Android OS will do the same thing. This has been done ostensibly to prevent the government from forcing Apple to divulge information stored in someone’s accounts. This might prevent law enforcement from executing a search warrant delivered to the company. It might also, however, block agencies from getting phone data without a warrant or notification of the user, as they are want to.

Naturally, law enforcement types don’t like this. Their supporters are up in arms over Apple “enabling criminals” by forcing the government to get a warrant and get your password if they want to search your electronic persons, papers, houses and effects. So the WaPo has proposed a “compromise”:

How to resolve this? A police “back door” for all smartphones is undesirable — a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant. Ultimately, Congress could act and force the issue, but we’d rather see it resolved in law enforcement collaboration with the manufacturers and in a way that protects all three of the forces at work: technology, privacy and rule of law.

In short, the WaPo wants the technically impossible: a backdoor that isn’t really a backdoor. And we should entrust this backdoor into every phone in the country to law enforcement — comprising God knows how many people. We should entrust this backdoor to a group of people who recently did this:

For years, local law enforcement agencies around the country have told parents that installing ComputerCOP software is the “first step” in protecting their children online.

Police chiefs, sheriffs, and district attorneys have handed out hundreds of thousands of copies of the disc to families for free at schools, libraries, and community events, usually as a part of an “Internet Safety” outreach initiative. The packaging typically features the agency’s official seal and the chief’s portrait, with a signed message warning of the “dark and dangerous off-ramps” of the Internet.

As official as it looks, ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies.

Calling it “spyware” is a nice term of art. A more precise description is that it is a keylogger which transmits to third-party servers — without encryption — every key typed on a computer. Passwords, private communications, credit card numbers … all of that is transmitted in clear text. If your child (or you) use a laptop with this malware and someone has a basic packet sniffer nearby, they could take over your life.

(The cops have responded to the EFF, claiming that only an “ultra-liberal” organization who is “more interested in protecting predators and pedophiles than in protecting our children” should care that their software is one of the most unsafe things you could put on your computer.)

This is the group we should trust with backdoors to every cell phone in the country, according to the WaPo.

Comments are closed.

  1. Seattle Outcast

    And at this point the cops and feds can just go fuck themselves with a sharp stick. They over-reached, massively, and wiped their collective ass with the bill of rights, and now it is coming back around to bite them for their presumption.

    Furthermore, that this would happen was predicted 30 years ago, back when the maker of Pretty Good Privacy was giving away an encryption program that the cops hated and then mounted a campaign designed to put him out of business. I bet the ground work for this type of “you must give us the golden security key and trust us” was really put in motion when the NSA bent Ma Bell over and raped her into submission for the right to listen in on phone calls for certain words.

    Thumb up 3

  2. Technomad

    Do these fools really think that we don’t know that there are such things as corrupt cops, subverted cops, and venal cops? I was reading Gods of Mischief, an account of a guy who infiltrated the Vagos Motorcycle Club, and he talked at some length about cops who were so close to the bikers that they were supposedly chasing as to raise questions in his mind about which side they were on…and others that were in the bikers’ pockets in various ways.

    Or down in New Orleans, they’ve had endless trouble with crooked cops, including some who were hiring out to the local hoods as their private Murder, Inc. Just because someone’s a JBGT does not mean that he hasn’t sold out to the other side, not for a second it doesn’t!

    Thumb up 2

  3. InsipiD

    It’s not enough that every city has a SWAT team with an MRAV that was practically free, they want to be able to bypass phone security (that’s only been added because users requested it after all too many warrantless searches)? This needs to get deescalated in a hurry. Put the MRAVs on eBay or destroy them if it’s too dangerous to sell to an individual, and don’t force Google and Apple to open their users to self-incrimination. The phone is like any other computer, and its security software settings should be up to the user.

    Thumb up 1