[TriLUG] Semi OT: Lawmakers demanding encryption bankdoors
Jeremy Davis via TriLUG
trilug at trilug.org
Sun Jan 17 15:01:59 EST 2016
It is ironic how people from the epicenter of global finance and home to
the world’s largest stock exchange are demanding weak encryption.
Jeremy
On Friday, January 15, 2016, Matt Flyer via TriLUG <trilug at trilug.org>
wrote:
> Link:
>
> http://arstechnica.com/tech-policy/2016/01/bill-aims-to-thwart-strong-crypto-demands-smartphone-makers-be-able-to-decrypt/
>
> Snippets from the article:
>
> "A New York assemblyman has reintroduced a new bill that aims to
> essentially disable strong encryption on all smartphones sold in the
> Empire State."
>
> Cue the Picard Face Palm....
>
> ...
>
> "Many local and federal law enforcement authorities have been pushing back
> against the widespread adoption of easy-to-use strong encryption by
> default. In July 2015, New York County District Attorney Cyrus Vance Jr.
> said "the safety of all American communities is imperiled by" iOS 8. In
> September 2014, Apple took a stronger pro-encryption stance, saying that
> under iOS 8 (and later) devices it was unable to access customer data.
> Currently, Apple is also fighting a federal government demand to help
> unlock a criminal suspect’s iPhone in federal court in New York."
>
> ...
>
> "Recent technological advances have the potential to greatly embolden
> online criminals, providing new methods for abusers to avoid detection.
> The United States Attorney General, the director of the Federal Bureau of
> Investigation, and others have severely criticized the efforts of
> smartphone manufacturers to keep evidence immune from lawful process.
> Criticism, however, is not enough."
>
> Make that a double face palm.
>
> In many ways this issue reminds me of the SOPA fiasco and like SOPA, it is
> based upon technological ignorance and IT WILL NOT WORK. Worse, if an
> attempt is made to implement it, it will only make the problem(s) of
> dealing with would be internet criminals worse.
>
> As a supporter and user of open source software, such as Linux, and having
> been around for the previous crypto-wars of strong encryption on the
> browser and the creation of GPG/PGP, it is enough to make we want to reach
> out, grab these idiots, and scream in their face about how this is stupid.
>
> Simply put, users will encrypt their data in a means that is not
> controlled by some corporation. What's more is that putting such measures
> in will only further degrade the trust people have in said products and
> what little trust there is will be obliterated the moment there is a high
> visibility compromise.
>
> Of course, this follows on the heals of the recent revelation that
> Fortigate also had hard coded backdoor SSH access built into their
> hardware:
>
> http://arstechnica.com/security/2016/01/et-tu-fortinet-hard-coded-password-raises-new-backdoor-eavesdropping-fears/
>
>
>
> --
> This message was sent to: Jeremy Davis <jeremyhwllc at gmail.com
> <javascript:;>>
> To unsubscribe, send a blank message to trilug-leave at trilug.org
> <javascript:;> from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web :
> http://www.trilug.org/mailman/options/trilug/jeremyhwllc%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome
--
Jeremy Davis
@jeremydavis0_0
www.linkedin.com/in/jeremydavisprofile/
www.trianglecareerdevelopment.com
More information about the TriLUG
mailing list