< Back to the Main Site

Author Topic: The FBI, Apple and your privacy  (Read 838 times)

Offline GreyGeek

  • NFOA Full Member
  • **
  • Join Date: Dec 2012
  • Posts: 1687
The FBI, Apple and your privacy
« on: October 13, 2014, 10:48:08 AM »
Scott Pelley, of CBS, interviewed FBI directory James Comey.   At first I was gladdened when he said:
Quote
Scott Pelley: Wasn't it your responsibility to support the president?

James Comey: No. No, my responsibility, I took an oath to support and defend the Constitution of the United States.

That was in reference to when he rebuffed President GW Bush, but it informed me that Comey KNOWS what the Constitution says and KNOWS what his oath of office requires him to do.

Given that, one has to ask why the FBI CONTINUES to issue National Security Letters and pushes for warrantless surveillance, among other things?

Comey goes on to explain why Apple is doing a bad thing by given Apple users an encryption tool WITHOUT an government back door:
Quote
James Comey: The notion that we would market devices that would allow someone to place themselves beyond the law, troubles me a lot. As a country, I don't know why we would want to put people beyond the law. That is, sell cars with trunks that couldn't ever be opened by law enforcement with a court order, or sell an apartment that could never be entered even by law enforcement. Would you want to live in that neighborhood? This is a similar concern.
That argument is bogus because the analogies do not apply. For one thing such cars and apartments are technically impossible.  Secondly, if information the government desires is put in a can and buried in a location only the owner knows,  the government would be unable to find ("open") it unless the owner gave the government the can's location.  That is an identical situation to the encrypted email.   Of course, for cans or encrypted information the government can always pull out the rubber clubs, a water board, Sodium Pentathol,  or threaten to charge their loved ones with capital crimes.

What Comey wants Apple, Google and Microsoft to do is to CONTINUE using the current encryption clients, which DO have government back doors built into them, which will allow the FBI (and any other government agencies so inclined to do so) to have warrantless access to the CONTENT of the emails, not just the "meta data" they claim is the only thing they are collecting.

What the government is really relying on is the ignorance of American citizens, if not their gullibility.   There are encryption programs WITHOUT government back doors.  In the Linux world such a program is called GPG (GNU Good Protection).  It is open source and under the GPL.   It allows the user to generate encryption keys with lengths of 1024, 2048 and 4096 bytes in length.  Since the government already knows how to crack RSA keys with lengths of 724 bytes or less, one would be wise to use either a 2048 or 4096 key.

I run Kubuntu, which has a KDE version called KGPG.  There is a Windows version called GPG4Win.  Believe it or not, the NSA uses GPG and the NSA leaker, Snowdon, created a .   I sign my email messages with KGPG, which prevents modification of their contents without being detected if passed along.  No one can add or remove words from my emails without revealing the attempt.   IF I want to pass along an encrypted (which is more than just "signed") document all one has to do is write the document and then encrypt it using KGPG.  The encrypted document can be attached to an email or sent via a CD or USB.  If you do not distribute the "Public Key" then no one but yourself can read the document.   With ?GPG you can create as many keys as you want and give the public keys to anyone you wish.  When the designated recipient gets the public key they can apply it to open the encrypted document without having to know the password to your private key.

Apple, Google, Microsoft and Android all use some form of GPG, but since it is open sourced, i.e., the source code is available, they had previously put back doors into the tool and posted the binary executable only, using GPLv3.   What Apple is saying is that they are removing the back doors that the FBI, the NSA and other government agencies have been  using so that without the knowledge of the password that the user uses to create the encryption key those agencies will just have to pound sand.

By the way, when thosee government agencies did apply for a warrant they went to the United States Foreign Intelligence Surveillance Court of Review to get them.
Quote
There is no provision for review or appeal of a grant of a warrant application, only of a denial. That is because in both the FISC and the FISCA, the government - the party who seeks a warrant to conduct surveillance - is the only party before the court, and it is unusual for anyone else to become aware of the warrant application at all, much less to oppose it or appeal it.

Here are some relevant links:
http://www.abajournal.com/news/article/report_chicago_police_and_fbi_joined_in_warrantless_probation_searches_law_/

http://www.tomsguide.com/us/FBI-wiretap-stingray-cell-phone-towers,news-13124.html

http://www.emptywheel.net/2014/09/13/the-curious-timing-of-fbis-back-door-searches/