<nettime> FBI pushes for surveillance backdoors in Web 2.0 tools

nettime's very avid reader nettime at kein.org
Sat Feb 19 03:06:02 PST 2011

By Ryan Singel, wired.com | Last updated about 19 hours ago


The FBI pushed Thursday for more built-in backdoors for online 
communication, but beat a hasty retreat from its earlier proposal to 
require providers of encrypted communications services to include a 
backdoor for law enforcement wiretaps.

FBI general counsel Valerie Caproni told Congress that new ways of 
communicating online could cause problems for law enforcement officials, 
but categorically stated that the bureau is no longer pushing to force 
companies like RIM, which offers encrypted e-mail for business and 
government customers, to engineer holes in their systems so the FBI can see 
the plaintext of a communication upon court order.

"Addressing the Going Dark problem does not require fundamental changes in 
encryption technology," Caproni said in her written testimony (PDF). "We 
understand that there are situations in which encryption will require law 
enforcement to develop individualized solutions."

("Going Dark" is the FBI's codename for its multimillion-dollar project to 
extend its ability to wiretap communications as they happen.)

That's a far cry from what Caproni told The New York Times last fall:

    "No one should be promising their customers that they will thumb their 
nose at a US court order," Ms. Caproni said. "They can promise strong 
encryption. They just need to figure out how they can provide us plain 

Those remarks indicated the FBI seemed to want to revisit the encryption 
wars of the 1990s. That largely ended with the government scrapping its 
plans to mandate backdoors in encryption, after security researchers 
discovered flaws in the idea, and the National Research Council concluded 
that strong encryption made the country safer.

But that retreat didn't satisfy Susan Landau, a privacy and cryptography 
expert who testified alongside Caproni in front of a House Judiciary 
subcommittee Thursday.

That's because the FBI is still pushing for more online-communications 
companies to build real-time spying capabilities into their software, which 
Landau said will harm innovation and introduce security flaws that will be 
used against American companies, government agencies and citizens.

Innovation happens too fast on the Internet to require companies that 
provide chat and voice-calling capabilitiesbwhich these days includes 
online games, social networking sites and a myriad of online chat and 
photo-sharing servicesbto comply with detailed wiretapping specifications 
that cost hundreds of dollars just to read, according to Landau.

"Requiring that Internet applications with communications systemsb[which] 
means anything from speak-to-tweet to Second Life to software supporting 
music-jam sessionsbbe vetted first will put American innovation at a global 
disadvantage," Landau said. "For American competitiveness it is critical 
that we preserve the ease and speed with which innovative new 
communications technologies can be developed."

And she added the wiretapping holes are serious security risks.

"Building wiretapping into communications infrastructure creates serious 
risk that the communications system will be subverted either by trusted 
insiders or skilled outsiders, including foreign governments, hackers, 
identity thieves and perpetrators of economic espionage," Landau said in 
her written testimony (PDF), pointing to incidents in Greece, Italy and the 
United States where equipment built to comply with US wiretapping rules 
were subverted. Those rules, known as CALEA, were enacted in 1994 to 
require phone companies to engineer their networks to be wiretap-compliant. 
The rules were expanded by the FCC in the George W. Bush Administration to 
apply to ISPs as well.

The FBI's further push for expanded powers to wiretap online communications 
in real time comes against the backdrop of revolutions in the Middle East 
that relied heavily on social media communication tools and as Secretary of 
State Hillary Clinton called for worldwide internet freedom.

"I urge countries everywhere to join the United States in our bet that an 
open internet will lead to stronger, more prosperous countries,b Clinton 
said Tuesday, speaking at George Washington University.

But Caproni argued that law enforcement officials are occasionally running 
into cases where criminals are using online communication tools that aren't 
wiretappable in real-time, because the provider had not built-in that 
capability. Caproni did not mention that the FBI has not encountered a 
single case of encryption hampering its criminal investigations for the 
past four years, according to reports to Congress, nor that the FBI has 
never run into a single case over the last 10 years where it could not get 
the plaintext of a target's communications.

Landau told Congress the FBI was overlooking some very good news.

"While there is a genuine problem with intercepting some communications, 
the FBI now has access to more communications, and more metadata about 
communications, than ever before in history," Landau said.

But Caproni said that's not enough and the FBI needs to find new technical 
solutions b though she did add that the Obama administration has no "formal 
position at this time" about needed changes to the law.

But she warned Congress that the country was in danger from a surveillance 

"As the gap between authority and capability widens, the government is 
increasingly unable to collect valuable evidence in cases ranging from 
child exploitation and pornography to organized crime and drug trafficking 
to terrorism and espionage -evidence that a court has authorized the 
government to collect," Caproni said. "This gap poses a growing threat to 
public safety."

Also on Thursday, the Electronic Frontier Foundation released some 
government documents about the FBI's so-called Going Dark program, which it 
got under the Freedom of Information Act. Those documents show the project 
dates to 2006, and that the FBI had hired high-powered consultants from the 
Rand Corporation and Booz Allen Hamilton to help come up with solutions.

#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mail.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nettime at kein.org
----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list