Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Delicieuxz

"Five Eyes" issue statement against end-to-end encryption, demand backdoors

Recommended Posts

Posted · Original PosterOP

 

'Five Eyes' security alliance calls for access to encrypted material

Quote

After a two-day summit in London, senior ministers from the group comprising the United States and allies Britain, Canada, Australia and New Zealand, said encryption should not come at the expense of the public’s safety.

 

“We are concerned where companies deliberately design their systems in a way that precludes any form of access to content, even in cases of the most serious crimes,” the group said in a statement following the conference.

 

“Tech companies should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data in a readable and usable format.”

 

The five English-speaking allies have an agreement to share intelligence and techniques for gathering it, a relationship that evolved from a secret World War Two alliance between British and U.S. cypher and code breaking teams.

 

...

 

“The Five Eyes are united that tech firms should not develop their systems and services, including end-to-end encryption, in ways that empower criminals or put vulnerable people at risk,” said British Home Secretary Priti Patel.

 

U.S. President Donald Trump’s attorney general William Barr attracted controversy last week when he complained about how the proliferation of “warrant-proof encryption” was making it easier for criminals to “evade detection”.

 

“Encryption presents a unique challenge. We must ensure that we do not stand by as advances in technology create spaces where criminal activity of the most heinous kind can go undetected and unpunished,” Barr said after the security summit.

 

 

US-led ‘Five Eyes’ intel alliance says end-to-end encryption creates terrorism & child abuse threats

Quote

“Tech companies should include mechanisms in the design of their encrypted products and services whereby governments, acting with appropriate legal authority, can obtain access to data,” the Five Eyes – an alliance of intelligence agency directors from the US, UK, Canada, Australia, and New Zealand – declared in an official statement on Tuesday following their annual two-day security summit held in London.

 

This year’s theme – “emerging threats” – saw the smorgasbord of spooks brainstorming possibilities for eavesdropping on popular messaging apps like WhatsApp without rendering the encryption completely worthless, an idea which was central to last year’s meeting as well. This time, the intelligence agencies invited representatives from the tech industry to “collaborate” on a “set of voluntary principles” for interfacing with law enforcement.

 

...

 

Tech companies and even some senior intelligence agency figures have insisted that placing a backdoor in an encrypted platform makes that platform less secure for everyone – including government entities in need of a secure channel for their own communications – and opens the door to exploitation by criminals and (of course) foreign intelligence services. Former NSA director Mike Rogers called encryption “foundational to the future” and dismissed the talk of doing away with it as “a waste of time” in a 2016 Atlantic Council event.

 

But the “encryption problem” has only worsened since last year, with Facebook poised to roll out end-to-end encryption for its Messenger service’s one-billion-plus users. WhatsApp, owned by Facebook, is already encrypted. And other apps like Signal and Telegram are growing in popularity, much to the frustration of intelligence operatives reduced to pressing their noses against the digital glass.

 

...

 

Tech companies were advised to “consider the impacts to the safety of children…when developing their systems and services and deploying encryption,” the Five Eyes warned in their official post-conference statement. “Countering Online Child Sexual Exploitation and Abuse” was the focus of a “digital industry roundtable” that included representatives from Facebook, Microsoft, Google, Snap, Twitter, and Roblox and focused on developing a set of “voluntary principles” to expedite law enforcement activity against child abusers.

 

Aside from the encryption struggle, the Five Eyes also discussed the security risks inherent in 5G (“We recognize the need for a rigorous risk-based evaluation of a range of factors which may include, but not be limited to, control by foreign governments”), the security risks inherent in widespread adoption and commercialization of drones, and – lest anyone forget – the importance of maintaining the integrity of the democratic process free from foreign discord-sowers and discourse-manipulators.


Well, there it is: They're coming after your encryption. So, better encrypt your encryption.

 

For now, they're talking about "voluntary principles" that allow governments access to user information. However, I think people using platforms will prefer to use platforms that offer encryption, and so platforms will see it as a disadvantage to not offer it, which maybe could then lead to the situation of governments forcing backdoors by law.

 

Maybe if encryption is banned, after enough scandals that governments and politicians are the victims of they'll realize that encryption is important and stop their efforts to impede it.

 

 

Related Topic:

 

Link to post
Share on other sites

The Quantum Computing  "holy grail" has clearly failed. It's been fairly clear for a couple of years that Quantum Computers likely weren't actually going to be able to deliver on the promise of breaking all encryption, but now all of the big players are acting like it'll never happen. That's both a good & bad thing. Good because it means you can still enforce some actual Data Privacy, but also bad because it means they'll be attacking encryption at every step.

Link to post
Share on other sites
18 minutes ago, Taf the Ghost said:

The Quantum Computing  "holy grail" has clearly failed. It's been fairly clear for a couple of years that Quantum Computers likely weren't actually going to be able to deliver on the promise of breaking all encryption

kinda want an ELI5 on the difficulties of implementing the theory to actual hardware o_o

 

minutephysics did a video on the maths on quantum-computer accelerated encryption breaking

Link to post
Share on other sites
1 minute ago, TrigrH said:

I really don't understand how "encryption should not come at the expense of the public’s safety." makes any sense?

Encryption literally ensures the public’s safety and privacy.

First there is the Double Speak aspect to it, but the reality is that they're saying the talking points they've been given. The undercurrent, and this is what it's actually all about, is a rather important historical reality: the American Revolution was functionally about 10 Men for most of the early going. A lot of sympathizers, but it was practically on the back of Paul Revere for a while there. While baseline monitoring (see China's Social Credit System) is important for Power & Control, it's really about preventing anyone from actually challenging the current power structures.

 

From a historical perspective, the governments of most Major Powers are extremely weak. The rise of "professional" politicians and large, career-type government employees has created a situation where the leadership are becoming exceedingly imperial against their own populations. You see this reflected in the Brexit situation in the UK. Regardless of the merits of the choice, the voting public rendered one, but the most adamant anti-Brexit forces is the MPs that have to implement it. (Because they won't get invited to dinner parties in Paris.) 

 

As a result, the current power structures are in need of every bit of data they can gather on people. Governments fall to Network Effects, which is what they're really after. They want to be able to isolate groups long before they could seek redress of their grievances. Being obsessed with Internal Enemies is a sign of impending collapse of a "regime", even if it could be decades before it happens. That's what this is all about.

Link to post
Share on other sites
33 minutes ago, Delicieuxz said:

advances in technology create spaces where criminal activity of the most heinous kind can go undetected and unpunished

you "open" one thing, they will just find or create another...something tells me the kind of criminals they are trying to reference are not using "normal" communication methods like Telegram or WhatsApp which makes their entire summit pointless since they can't even imagine the kind of things that are used on the internet.


Judge the product by it's own merits, not by the Company that created it.

 

 

Link to post
Share on other sites
11 minutes ago, Taf the Ghost said:

blah blah murica, blah

???

The way I read it is that the governments place: 

- criminals being able to communicate using encryption 

as a greater security risk than the:

- privacy and safety of the data of the people. (that encryption was designed to protect in the first place)

 

I can see both sides here I just don't agree with the decision, mainly due to the fact that backdoors only cause more harm than good, as they weaken encryption. 

 

Take DRMs like denuvo for example, sure it might keep the hackers/crackers at bay for a few weeks? but nothing is foolproof even encryption itself.

 

Link to post
Share on other sites
26 minutes ago, VegetableStu said:

kinda want an ELI5 on the difficulties of implementing the theory to actual hardware o_o

 

minutephysics did a video on the maths on quantum-computer accelerated encryption breaking

My point about Quantum Computing was observational of the way the biggest players are acting. As for what's going on in the QC world, it seems like scale isn't happening anytime soon, no one yet actually knows how to really program for the systems, you need almost as much computing hardware to interpret the information as you'd need to do most of the calculations anyway and, well, non-Quantum attackable encryption has already been in the wild for a number of years.

 

The old Public-Private key encryption systems will simply get phased out at some point in the future. That isn't too surprising, though the fact the NSA hs been producing the largest database of prime numbers since at least the 1970s has always made the assumptions around Public Key encryption somewhat questionable. Even if the math works out.

Link to post
Share on other sites

These people must be dumb. Surely. If they think this idiocy has to go through, here is a reminder...

 

The machine below was used to open and reseal letters, used by Stasi to spy on people and eradicate anyone with opposing beliefs or politics. Last time I checked, Stasi operations didn't age too well, just like Nazi regime hasn't... They literally want this shit back. Different medium, same methods. Just fucking don't even try it dumb ass politicians. And stick your think of the children and muh criminals BS up your rear. Find another god damn way that doesn't include mass surveillance on people because you maybe manage to catch 5 criminals as a result.

letter_machine.jpg

Link to post
Share on other sites

Just remember these people are not stupid, they are very intelligent, they know exactly what they are asking for, they know the consequences of it.  They either don't care or they have an ulterior motive that is more important to them.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites

It's stuff like this which makes me critical of the world's governments. 

 

I trust big tech more than big government and I have my share of criticisms (and also compliments) about big tech. 


R9 3900x; 64GB RAM | RTX 2080 | 1.5TB Optane P4800x

1TB ADATA XPG Pro 8200 SSD | 2TB Micron 1100 SSD
HD800 + SCHIIT VALI | Topre Realforce Keyboard

Link to post
Share on other sites
11 minutes ago, comander said:

It's stuff like this which makes me critical of the world's governments. 

 

I trust big tech more than big government and I have my share of criticisms (and also compliments) about big tech. 

 

I think we should always be critical of people,  governments more so because it much easier for them to get a way with it. Having said that, nothing is really new under the sun, governments are just as bad today as they were 500 years ago, the only difference is we seem to have less wars and less financial crisis's as time goes on.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites
Quote

encryption should not come at the expense of the public’s safety.

So, they give up to understand? 

Link to post
Share on other sites
3 hours ago, TrigrH said:

I really don't understand how "encryption should not come at the expense of the public’s safety." makes any sense?

Encryption literally ensures the public’s safety and privacy.

Along the same lines,

Quote

“The Five Eyes are united that tech firms should not develop their systems and services, including end-to-end encryption, in ways that empower criminals

Of course, they fail to realize that adding backdoors empowers criminals as well

 

1 hour ago, mr moose said:

Just remember these people are not stupid, they are very intelligent, they know exactly what they are asking for, they know the consequences of it.  They either don't care or they have an ulterior motive that is more important to them.

I wouldn't be so sure about that.  How does that saying go, "never attribute to malice what can be explained by stupidity", or something like that?  The number of cases that have come up previously about all manner of things are, I think, pretty clear evidence that the majority of all governments are completely tech illiterate.

59 minutes ago, floofer said:

Oh it’ll get through too. We have no say. Not even in the news here.

Isn't that the sad truth.  Somewhere along the way, the concept that the government is chosen and formed by the people to serve them was lost and replaced with them acting as a separate body, in their own interests, often against those they claim to represent and no one seemed to notice.

 

3 hours ago, Aimi said:

"I-it's to stop terrorism, guys... it's for national security..."

Except you rarely, if ever, hear about Orwellian grade spying actually preventing crime.

Another good point.  With how much backlash there is against things like this, you'd think they'd be eager to flaunt the benefits anytime they actually get some good from it and despite that it still doesn't seem to come up that often.


Solve your own audio issues  |  First Steps with RPi 3  |  Humidity & Condensation  |  Sleep & Hibernation  |  Overclocking RAM  |  Making Backups  |  Displays  |  4K / 8K / 16K / etc.  |  Do I need 80+ Platinum?

If you can read this you're using the wrong theme.  You can change it at the bottom.

Link to post
Share on other sites
14 minutes ago, Ryan_Vickers said:

I wouldn't be so sure about that.  How does that saying go, "never attribute to malice what can be explained by stupidity", or something like that?  The number of cases that have come up previously about all manner of things are, I think, pretty clear evidence that the majority of all governments are completely tech illiterate.

 

 

"Never attribute to malice what is adequately explained by stupidity".

 

Unfortunately they have both a an extraordinary amount of information we don't, they have worked in and with many industries getting to the positions they are at,  you don't remain in or become part of the inner circle of government agencies like these when you are a fool.  Stupidity is dangerous at that level. 

 

No, they know what they are doing, they know the consequences.  I don't even think this is malice, it certainly is about control though, we just don't know to what level they need that control, for all we know it might be the lesser of two evils.  At this point everyone's opinion here is just personal conjecture from a limited understanding of what could be a really large problem.

 

 

Besides all that, some people are adamant that they already have all this access, if that's the case why are they asking for it again?  If it only solved trivial matters with petty criminals why would they be wasting their time starting another PR fight with the tech industry drawing attention to themsleves?


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites

I think a big part of what is happening here, and needs to be borne in mind, is that intelligance and law enforcement has relied heavily for the last hundred plus years on being able to intercept various forms of communication to do their job. In addition for the longest time if you where involved in activities those agencies cared about you had to interact with actual people producing witnesses, which despite their somewhat dodgy reliability are still a form of surveillance for these types

 

The idea of operating without that capability as the internet has made possibble, (as well as the cross national borders aspects), naturally bothers said agencies. And well terry pratchett made a very good comment. People like that tomorrow will be pretty much the same as today. And the same idea applies to governments and the various apparatus involved therein. They prefer nice predictable comfortable predictable environment to work in and the internet is undermining one of the big cornerstones they've worked with for so long.

 

Which isn't to say that they're right. But i doubt there's ethier malice or stupidity involved in the strictest sense, they just want business as usual to continue because it makes their lives more predictable and easier.

 

Which isn't to say i agree with them, (though i can see some valid arguments that aren't merely comfort related), but between the various other arguments and that it's not hard to see why they're doing this. How successful they'll be is going to be open to debate though. They can mandate what they want but as i've pointed out before, the internet crosses borders and alws like this could quickly run into situations where mutually contradictory laws are applicable to a single event. Thats likely not going to prove trivial to work through and depending on who does what internationally it could get messy. A lot will probably come down to what the tech companies want. If enough of them push back against stuff like thi in various ways they can probably make it not work provided someone, (probably the EU), is willing to back them up n it because if the EU is willing to block attempts to force tech companies or their assets based their to comply with such laws it's going to be really hard short of cutting their internet off from the rest of the world to actually enforce this stuff, and china might have been able to get away with that but i doubt many others will have much luck with trying to get that past their populations.

Link to post
Share on other sites

Those who would trade liberty for safety deserve neither.


Workstation Laptop: Dell Precision 7540, Xeon E-2276M, 32gb DDR4, Quadro T2000 GPU, 4k display

Ryzen Rig 2: ASrock B450 Pro4 ATX, Ryzen 7 1700 @ 4.2ghz all core 1.4vCore, AMD R9 Fury X w/ Swiftech KOMODO waterblock, Custom Loop 2x240mm + 1x120mm radiators in push/pull 16gb (2x8) 3600mhz V-Color Skywalker (or 4x8gb DDR4 2666mhz for large tasks), Corsair HX850 PSU, 128gb Patriot Scorch NVMe Win 10 boot drive, 500gb Samsung 840 EVO SSD, 512GB TeamGroup MS30 M.2 SATA III, CoolerMaster HAF XM Case.  Zalman K600S keyboard, Zalman ZM-GM1 mouse, Viotek GN24C 24" 1080p 144hz curved and Hannspree HF207 as 2nd monitor

https://www.3dmark.com/3dm/37004594?

Ryzen Rig 1: ASUS B350-PRIME ATX, Ryzen 7 1700, Sapphire R9 Fury Tri-X Nitro 4gb HBM, 16gb (2x8) 3200mhz V-Color Skywalker, ANTEC Earthwatts 750w PSU, MasterLiquid Lite 120 AIO cooler in Push/Pull config as rear exhaust, 250gb Samsung 850 Evo SSD, Patriot Burst 240gb SSD, Cougar MX330-X Case.  Zalman K600S keyboard, Zalman ZM-GM1 mouse, Acer XF270HU 2560x1440 144hz IPS monitor

https://www.3dmark.com/3dm/37628874?

Dwight: The Mixed Metals Loop Media Center.  Ask me about it.  Currently decommissioned to move to an mATX setup on a new MOBO once I pick one out (getting its facelift as of June 2020 have new air cooler, drives etc.  About 60% finished.  Will no longer be a closed loop system.  Slight update, upgraded to larger SSD, and air cooling installed Arctic Alpine cooler.

Schrute: ASUS M5A99FX Pro R2.0, FX 8350, Sapphire R9 Fury Tri-X Nitro 4gb HBM, 16gb (4x4) Corsair Vengeance DDR3 1600mhz, Sparkle/FSP 650w PSU, Corsair H100i GTX 240mm AIO w/ 12mm thick fans to fit in top exhaust, 256gb TIMETEC SSD, 1tb WDBlack HDD, Rosewill Nautilus 1.0 case.  DSI 90-Key Mechanical Keyboard w/ Cherry Red switches, Zalman gaming mouse

Micro Form Factor Dell OptiPlex 3040: Dell 0MGK50 A02, i3-6100T, 2x4gb DDR3 1600, Team Group 120gb SSD, 500gb Seagate 7mm HDD attached storage, Windows 10 Pro, Logitech K400+, USB Wifi adapter all vesa mounted to the back of a 37" 1080p TV 

Linux Box: Toshiba Laptop, i7 620M, NVS graphics, 4gb ram tinker toy at the moment.  Running Manjaro XFCE at the moment.

Home Security: ZOSI 8 channel CCTV (4 used at this time, 1080p) DVR H.265+, 3tb HGST Enterprise HDD, ASUS monitor for display

Link to post
Share on other sites
10 minutes ago, Curious Pineapple said:

Not always true, I douby a DIY nuclear reactor is in the best interests of anyone ;)

Quoting a Founding Father of my Nation, of which one of the Five Eyes were founded on this principle not so long ago in the distance that is time.

 

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety - Benjamin Franklin


Workstation Laptop: Dell Precision 7540, Xeon E-2276M, 32gb DDR4, Quadro T2000 GPU, 4k display

Ryzen Rig 2: ASrock B450 Pro4 ATX, Ryzen 7 1700 @ 4.2ghz all core 1.4vCore, AMD R9 Fury X w/ Swiftech KOMODO waterblock, Custom Loop 2x240mm + 1x120mm radiators in push/pull 16gb (2x8) 3600mhz V-Color Skywalker (or 4x8gb DDR4 2666mhz for large tasks), Corsair HX850 PSU, 128gb Patriot Scorch NVMe Win 10 boot drive, 500gb Samsung 840 EVO SSD, 512GB TeamGroup MS30 M.2 SATA III, CoolerMaster HAF XM Case.  Zalman K600S keyboard, Zalman ZM-GM1 mouse, Viotek GN24C 24" 1080p 144hz curved and Hannspree HF207 as 2nd monitor

https://www.3dmark.com/3dm/37004594?

Ryzen Rig 1: ASUS B350-PRIME ATX, Ryzen 7 1700, Sapphire R9 Fury Tri-X Nitro 4gb HBM, 16gb (2x8) 3200mhz V-Color Skywalker, ANTEC Earthwatts 750w PSU, MasterLiquid Lite 120 AIO cooler in Push/Pull config as rear exhaust, 250gb Samsung 850 Evo SSD, Patriot Burst 240gb SSD, Cougar MX330-X Case.  Zalman K600S keyboard, Zalman ZM-GM1 mouse, Acer XF270HU 2560x1440 144hz IPS monitor

https://www.3dmark.com/3dm/37628874?

Dwight: The Mixed Metals Loop Media Center.  Ask me about it.  Currently decommissioned to move to an mATX setup on a new MOBO once I pick one out (getting its facelift as of June 2020 have new air cooler, drives etc.  About 60% finished.  Will no longer be a closed loop system.  Slight update, upgraded to larger SSD, and air cooling installed Arctic Alpine cooler.

Schrute: ASUS M5A99FX Pro R2.0, FX 8350, Sapphire R9 Fury Tri-X Nitro 4gb HBM, 16gb (4x4) Corsair Vengeance DDR3 1600mhz, Sparkle/FSP 650w PSU, Corsair H100i GTX 240mm AIO w/ 12mm thick fans to fit in top exhaust, 256gb TIMETEC SSD, 1tb WDBlack HDD, Rosewill Nautilus 1.0 case.  DSI 90-Key Mechanical Keyboard w/ Cherry Red switches, Zalman gaming mouse

Micro Form Factor Dell OptiPlex 3040: Dell 0MGK50 A02, i3-6100T, 2x4gb DDR3 1600, Team Group 120gb SSD, 500gb Seagate 7mm HDD attached storage, Windows 10 Pro, Logitech K400+, USB Wifi adapter all vesa mounted to the back of a 37" 1080p TV 

Linux Box: Toshiba Laptop, i7 620M, NVS graphics, 4gb ram tinker toy at the moment.  Running Manjaro XFCE at the moment.

Home Security: ZOSI 8 channel CCTV (4 used at this time, 1080p) DVR H.265+, 3tb HGST Enterprise HDD, ASUS monitor for display

Link to post
Share on other sites

The backdoor sends a encrypted message thats backdoor is it turns back into the first encryption.


I live in misery USA. my timezone is central daylight time which is either UTC -5 or -4 because the government hates everyone.

into trains? here's the model railroad thread!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×