Christopher Wray only likes cell phone encryption when it works in his favor. Last year, big brother was locked out of “some 7,800 devices.” At the International Conference on Cyber Security earlier this month, Wray called the widespread use of encryption techniques “an urgent public safety issue.”
He wants some of Silicon Valley’s hard-core coders to come up with a magic back door.
According to Gizmodo, Wray’s statement “pissed off Sen. Ron Wyden (D-OR).” The liberal senator writes, “your stated position parrots the same debunked arguments espoused by your predecessors, all of whom ignored the widespread and vocal consensus of cryptographers. For years, these experts have repeatedly stated that what you are asking for is not, in fact, possible.”
“Regardless of whether the Federal Bureau of Investigation labels vulnerability by design a backdoor, a front door, or a ‘secure golden key,’ it is a flawed policy that would harm American security, liberty, and our economy,” Wyden feels.
Device manufacturers, the FBI Director believes, “should be able to design devices that both provide data security and permit lawful access with a court order.”
“We face an enormous and increasing number of cases that rely heavily, if not exclusively, on electronic evidence,” Wray told fellow FBI agents, international investigators, and private security pros. “A solution requires significant innovation but I just do not buy the claim that it is impossible.”
During Wray’s confirmation hearings on the hill last summer, Wyden barbecued him on the witness stand, grilling him on whether he agreed with his predecessors that encryption algorithms should come factory equipped with a master key.
Wyden gave the FBI’s head honcho a piece of his mind in a letter last week, reaming the deceptive Director for promoting “a flawed policy that would harm American security, liberty, and our economy.”
James Comey was also an outspoken advocate for encryption backdoors especially because “default encryption settings on cellphones and other devices hinder their ability to collect evidence needed to pursue criminals.”
When he crossed swords with Wyden on the issue, during the 2015 iPhone access debate, Wyden asked Comey “if he would be able to guarantee encryption keys needed for lawful access would never be stolen.” Comey replied, “Surely not.”
Deputy Attorney General Rod Rosenstein also was critical of the technology. He criticized Silicon Valley in October, saying they are “more willing to comply with foreign government demands for data than those made by their home country.”
Wyden insists the security software is already touchy enough, monkeying with it is likely to break the whole thing.
“Building secure software is extremely difficult, and vulnerabilities are often introduced inadvertently in the design process. Eliminating these vulnerabilities is a mammoth task, and experts are unified in their opinion that introducing deliberate vulnerabilities would likely create catastrophic unintended consequences that could debilitate software functionality and security entirely.”
The senator also “demanded” that Wray identify which, if any, experts actually gave him such bad advice. “I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you’ve personally discussed this topic.”
He wants to know who was crazy enough to tell him “that companies can feasibly design government access features into their products without weakening cybersecurity.” He wants it by February 23. Gizmodo is “guessing it’s a short list.”
The issue became a focus for attention when the Justice Department tried to force Apple Inc. to “break into an iPhone used by a gunman during a mass shooting in San Bernardino, California.”
Cryptographers from tech companies around the world “have repeatedly warned they can’t do that.” Giving anyone, even the government, “lawful access” would also allow “all sorts of hackers and malicious actors undermining the security of the entire internet in the process.”
“They create new targets for data breaches and they complicate user security in a way that can be compromised by bad actors,” Amie Stepanovich, U.S. policy manager at advocacy group Access Now, relates.
At Davos today, UK’s Prime Minister, Theresa May, echoed Wray’s call “for a special magic version of encryption to be developed by technologists so law enforcement can access everyone’s communications on demand – and somehow engineer it so that no one else can abuse this backdoor.”
“We need cross-industry responses because smaller platforms can quickly become home to criminals and terrorists,” May stated. Referring to the encrypted messaging app Telegram, May pointed out, “We have seen that happen with Telegram and we need to see more co-operation from smaller platforms like this.”
“No-one wants to be known as ‘the terrorists’ platform’ or the first choice app for pedophiles.”