[Crypto-chi] Suggestion to break encryption by paying off Apple and Google

Tue Dec 22 02:22:12 UTC 2015

The author of this article states several inaccuracies some of which I'll
mention briefly here:

-  "Members of ISIS, which has been linked to deadly attacks in Paris and
San Bernardino, are widely reported to be using an encryption tool called
Mujahedeen Secrets 2, written by anonymous developers."
This is factually incorrect. There is no known link between encryption in
San Bernadino or Paris, this fact was attributed to anonymous federal
officials who made the comments anoymously and the press reported it as
fact. It has since been revealed that the FBI sources lied to the press.
- "Terrorist encryption"
This is a nonsense propaganda term. What does that even mean?

- Burr and U.S. Sen. Dianne Feinstein (D-Calif.) introduced separate
legislation on Dec. 8 to require tech companies to report online terrorist
activity to law enforcement"  Why should large, unaccountable corporations
be doing this? The FBI and DHS are already unaccountable as is in the war
on Terror, we shouldn't also expect service providers to do this.  In fact
we already have enough corporations (Boeing, Raytheon, Palantir etc) which
profit enormously off these fears. We should advocate more money being
allocated to Facebook or Google or whoever to become partners in such
programs.

- "Comey has repeatedly said he doesn't want to force tech companies to
turn over encryption keys or provide back doors to encrypted data, and has
urged companies to comply voluntarily." This is also not true. the Director
the FBI has explicitly said multiple times we just need more cops "talking
about this" so that the FBI gets their way. This is not about forcing
Congress to create laws but about scaring the populous into accepting
changes. This is a just case of the security state using misdirection and
the author is too lazy, incompetent or complacent to investigate the
claims.

All this argument about encryption is a *distraction from the failures of
mass surveillance over the last 14 years. *As a concrete example here are
some questions we can ask the FBI instead:

- Why did they ignore the intelligence from Russia about the Tamalern
Tsaernaev?
- Why was the FBI unable to recognize Tamalern Tsaernaev when they
attempted to recruit him as an informant?
- How did the local fusion center not recognize Tamalern when one of their
employees worked in the same gym as Tamalern? (who was a local boxing
celebrity)

The State expects us to treat privacy, (in this case encryption) as
separate from security. They are not and the acceptance of the framing of
this question is an act of spy tradecraft.  Secondly, their use of
"security" actually means "stability".  The State is not concerned with
saving lives (if it where, we would immediately desolve DHS and give the
money to the poor) but with maintaining power.

Freddy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://groups.sshchicago.org/pipermail/cryptoparty-chi/attachments/20151221/7ed4cfa8/attachment.html>