Germany Talking about Banning End-to-End Encryption

Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn't say how. (Cory Doctorow has previously explained why this would be impossible.)

The article is in German, and I would appreciate additional information from those who can speak the language.

EDITED TO ADD (6/2): Slashdot thread. This seems to be nothing more than political grandstanding: see this post from the Carnegie Endowment for International Peace.

Posted on May 24, 2019 at 8:39 AM • 44 Comments

Comments

ChrisMay 24, 2019 9:06 AM

The article mentions EU initiative to prevent the 5G cellphone standard to incorprate end-to-end encryption, which is unlikely to happen anyway. However, this seems to be unrelated to the IM end-to-end encryption mentioned in the article headline. heise.de article does not mention 5G at all:
https://www.heise.de/newsticker/meldung/Angriff-auf-WhatsApp-Co-Seehofer-will-Messenger-zur-Entschluesselung-zwingen-4431634.html

In my opinion, Minister Horst Seehofer who recently lost 90% of his power and is clinging to his position is trying create some headlines and to establish himself as a populist hard liner. Same with his comments about immigration. I would not give too much about this. As I said, this is only my opinion.

FlorianMay 24, 2019 9:17 AM

Hey, German speaking guy here :-)

some political perspective maybe first. The minister proposing this (Horst Seehofer) is known to be quite "edgy" - dont take him wanting this as written law already. His party (CSU) is the farthest right and smallest of the government coalition (CDU, SPD, CSU) But it surely is reason for concern. He wants this law to be passed before end of this year.

Messaging services are to be compelled to record plaintext of individuals on judicial orders, so most conversations could remain e2e-encrypted.

So far only "source surveillance" is allowed in Germany, which means that the device has to be manipulated to record messages before encryption - comparable to placing a bug.

The article also cites concerns about e2e-encryption because of 5G standards. (I dont quite get how this is related...)

This topic will be further discussed with the conference of state interior ministries in mid June.

MichaelMay 24, 2019 9:53 AM

I speak German.

No news here. Seehofer, the former philandering chairman of the conservative party in Bavaria wants to have access upon request to all chat protocols.

They want to make a law this year regarding this. This is indeed amazing, making laws has become seemingly unnecessary since chancellor Merkel rules by "chancellor decrees". The German constitution does not allow for "chancellor decrees" and it has been out of fashion since Hitler was chancellor. It is back in vogue now. The criminal opening of the borders for "refugees" the overriding of "Dublin III regulations", hey, who needs laws in Germany in 2019? So this is the real news.

deanisheMay 24, 2019 10:02 AM

The gist of it is, Seehofer (the Home Secretary—and a tub-thumping, technologically-ignorant traditionalist from Bavaria) wants messenger services to turn over plaintext copies of messages when ordered to do so by a court.

Any service that refuses won’t be allowed to do business in Germany.

Currently, the security services can only intercept such communications by hacking the target’s phone—using the infamous *Bundestrojaner* [Federal Trojan Horse].

As impossible as banning encryption is, I suppose he’ll likely manage to get secure messaging off German app stores.

hwilkerMay 24, 2019 10:09 AM

Please ignore „Michael • May 24, 2019 9:53 AM“. His rant has no relevanc3 here and regurgitates right-wing conspiracy crap.

MartinMay 24, 2019 10:24 AM

The updated new report now says the government is only "thinking about this" and has alledgedly not yet made any decision.
I am not convinced ...

TõnisMay 24, 2019 10:31 AM

@Michael, I'm in the US, and we've had the same problem here for a while: a bunch of law breaking, illegal aliens being re-branded as "refugees" when all they are is criminals attempting to skirt immigration laws. (Just take a look at the migrant caravan pictures; the invaders don't look persecuted in any way, they look like they just raided a Wal-Mart.) Anyway, I think I'm gonna try to immigrate illegally to Germany or Canada. After all, we have crime here in the US, and I need to escape its persecution.

hwilkerMay 24, 2019 10:31 AM

Statement from the Green Party (excerpt):

Der jüngste Vorstoß schließt nahtlos an vergleichbare Forderungen von EVP-Spitzenkandidat Weber, Innen-Staatssekretär Krings und Bundestagspräsident Schäuble an, die in den letzten Tagen allesamt die Anonymität im Netz offen in Frage stellten. Wir haben es hier ganz offensichtlich mit einer konservativen Kampagne zu tun, die das Ziel verfolgt, von den massiven eigenen Versäumnissen bei der notwendigen Regulierung im Digitalen und den Kampf gegen klar strafbare Handlungen im Netz abzulenken – auf Kosten unserer Freiheitsrechte.

They are referring here to similar demands and statements made over the last few days by several other high-level conservative politicians (see below) and suspect that it is part of a concerted campaign aiming to restrict civil rights and freedoms in order to distract from their own massive failures in the digital realm, especially regarding regulation.

  • Manfred Weber, running to become president of the European Commission (i. e. successor to Jean-Claude Juncker)
  • Wolfgang Schäuble, President of the Bundestag (German parliament) and former Federal Minister of the Interior
  • Günter Krings, Parliamentary State Secretary in the Ministry of the Interior (one of the deputies for Mr. Seehofer)

Ron ObviousMay 24, 2019 10:46 AM

A few quick notes from a legal immigrant from the US to Germany:

First, the ministry being quoted would be called the Justice Dept. stateside; it's about law enforcement, not "internal affairs".

Second, while several commenters claimed this was just the minister speaking, that's not clear. Further down in the (Spiegel) article they say that the ministry wants to pursue this - and to discuss alternatives at an upcoming meeting of the "Justice Ministers" of the various German provinces. So while it's not law by a long shot, it's also not just the Minister's opinion.

FlorianMay 24, 2019 11:03 AM

@Ron Obvious His department is about "internal affairs" too, but has police as additional task. There also is a seperate Justice Department. We also don't know what the other (state not federal) minister's oppinions from the conference in June will be. Maybe some will share his opinion for security concerns. Politically they are further left than he is though.

MattMay 24, 2019 11:48 AM

"No news here" and other such comments:

Even if Seehofer is a right-wing nutjob with minimal power and there's no chance that this law could be passed, it *still* needs to be vigorously shouted down. Eternal vigilance is the price of freedom; when sitting politicians propose tyrannical BS, there needs to be an immediate response.

The PullMay 24, 2019 11:49 AM

These seems like what happens when you put people with zero experience in technology in charge of technology.

Which happens, unfortunately, a lot.

Right or left -- these guys are incompetent, and you should change your political party if they are the ones you currently support.

This is noob/idiot level thinking.

God only knows what other ideas they are coming up with...

Clive RobinsonMay 24, 2019 1:46 PM

@ The Pull,

God only knows what other ideas they are coming up with...

Well the "data tax" idea has never gone away...

Mind you there are still politicians around who think a "fresh air" and "nice views" tax is a good idea (see local land/property tax in N.I.)

And there was a proposal to make "loyalty card" information used to assess micro-area wealth. So if you are as poor as a Church mouse and just getting on the property ladder, but your neighbours are mortgage payed off Baby Boomers with good pensions bying lots of wine, beer, cigarettes or other luxury items then you will get hit with a massive and undeserved local land tax bill...

And I'll be honest with you, I can see some think tank comming up with a "breathing tax" all it would take is a little implant right in your sternum that would be used just like some US Health Care providers use "fit bits" etc...

The young might see me as cynical, I preferre to think that my outlook as being due to a life time of dealing with people who think just saying "Make it so" is the way to act responsibly.

Speaking of Europe and not acting responsibly, todays UK news is Mrs May Prime Minister having repeayedly failed on Brexit has said she is going to fall on her sword. Something many of us had wished she had done after she did so badly in the snap election she called. As someone observed of her today, Shes a great listener, she nods and makes the right noises, but then carries on regardless ignoring what people actually say...

TatütataMay 24, 2019 2:00 PM

Even though this Schnapsidee is very much par for the course for Seehofer (who likes to show off shmoozing with the likes of Orbán, Putin or Kurz), it is hardly a novel one. The Vollhorst's immediate predecessor Thomas de Maizière was already pushing for exactly the same thing two years ago. Although both come from the same end of the political spectrum, they are hardly friends. Do they independently come up with the same sh*t, or is it whispered into their ears (yuck!) by the resident bureaucrats? I tend to believe n the latter alternative when I see how assuming the office of minister of the interior inevitably transforms even semi-decent human beings (Otto Schily?) into monsters, regardless of the country.

One wonders whether these guys even think of the details before flapping their mouths.

A citizen of country A is using in country B a mobile phone registered with a country C operator running an application from country D connecting to servers in country E... This is NOT a far-fetched scenario, at least in the EU. Who can demand decryptions, and how?

Although it's yet another iteration of an essentially useless law-and-order gimmick, one must still be vigilant, as lousy ideas can make it into law, like the recent EU Copyright directive...

Clive RobinsonMay 24, 2019 2:02 PM

Oh and for those who don't remember, the actual reason I mentioned Mrs May, was because she used to be the Home Office Minister who dreamed up "The Snoopets Charter"...

She to mad the same demands as Mr Seehofer... And very nearly got them. The evebtually got watered down a bit, but not before the Australian politicos thought "Yer beaut" and actually went full steam into similar legislation.

So a warning to all in Germany, you are realy but a haiemrs bredth away from such draconian legislation.

So if you can get Mr Seehofer to folkow Mrs May's latest lead and fall on his sword all the way to the hilt and beyond, as quickly as possible. Civilised society most defiantly does not need such anti-social people.

RandomDudeMay 24, 2019 2:32 PM

One important thing that should not go unnoticed here is Threema's immediate response:

According to Der Spiegel the developers of Threema said that "the absolute confidentiality of communication is in the DNA of Threema" and that they "are not willing to make any compromises". Since they don't have any infrastructure in Germany they do not fall under German law, the spokesperson of Threema said. If Germany really wants to prevent the use of Threema, they are comparable to totalitarian states like China and Iran.

TõnisMay 24, 2019 4:00 PM

@Anders, jah mõte on ehk pähe tulnud! :D Nädalalõpp on kohal ja loodan, et Sul on mõnus!

EvanMay 24, 2019 4:49 PM

As with most of these programs, the purpose isn't to prevent crime or terrorism or enhance public security in any meaningful sense. It's simply designed to give the government more tools to get people once the decision has been made to get them. You can't prevent terrorism or disrupt a bank robbery through these tools, but you can construct a narrative where the bank robber's cousin's girlfriend's neighbor is an accomplice, or simply jail people for Minority Report style pre-crime. And, of course, you can go after political opponents and personal enemies.

michaelMay 24, 2019 5:32 PM

This will be the same bullshit like with the German government malware software. Government said that child pornography is terrible and we need this malware or we can't fight it. Who wants to speak against it?

In the end, it was used zero times to fight child porn but just for other crimes: https://netzpolitik.org/2018/geheime-dokumente-das-bundeskriminalamt-kann-jetzt-drei-staatstrojaner-einsetzen/
Just a question of time until it is used against the biggest criminals of them all. TAX EVADERS!

@hwilker
Even a supreme court judge pointed out that Merkel broke the constitution. Again, I thought that governing per chancellor decree was not in vogue anymore. Lord was I wrong. If opposing the violation of the constitution makes you right wing then I am probably a right wing extremist. Like everything, it depends on your point of view.
https://www.welt.de/politik/deutschland/article150947586/Merkels-Alleingang-war-ein-Akt-der-Selbstermaechtigung.html

@Schneier, sorry for posting two German only links.

AntonMay 24, 2019 5:35 PM

Hello

Some additional information from the "long" article of the magazine:

- Chat providers shall be forced to name a contract person for such cases at the EU

- there seems to be a case in Brazil where a judge blocked WhatsApp because they didn't hand out data (no further details given, just es an example this is possible). There were public protests, so the blockage had been removed after hours.

- a lot of complains from secret services and police, why they need this...

- some examples where they were lucky to get information, that were normally encrypted.

- they expect protests of companies and users

- a lot of explanation for non computer science reader

- no further technical details

Greetings

Petre Peter May 24, 2019 6:24 PM

They don't know how technology works; they don't understand that you cannot make it weak only for the bad guys-the good guys are also affected. It's a pyrrhic victory at best.

DavidMay 24, 2019 10:29 PM

@steve
> There will no problem with Whatsapp. It has enough vulns. :D

WhatsApp has exploitable bugs is *good* for civil rights because it moves law enforcements away from mass surveillance and on to a painstaking individual detective work.

I feel good when the police manually exploits an iPhone bug to break into a pedophile’s phone. I feel nervous if the same police watches everyone else’s phones just because they can.

DaveMay 24, 2019 10:59 PM

When I saw the headling I thought it was de Maizière up to his old broken-record act again, but it looks like it's a new guy. Is it some requirement for Minister of the Interior that you have to have an obsession with encryption backdoors?

Also, for non-Germans wondering about the frequent mention of Seehofer's Bavarian origins, Bavaria is sort of the Texas of Germany, with all that entails...

JamesMay 25, 2019 7:45 AM

@Dave: Some call Bavaria a "polizeistadt", especially the Munich area.

Those proposals have nothing to do with protecting the public, but with mass surveillance,
same discussion all over again. Bad guys will always use encryption when they need to, everyone else will be exposed, plain and simple, assuming that a regulation like this will be enforceable in practice.
When hearing about encryption most think it's only related to computers / phones, which is not the case. Encrypted messages have been sent by a variety of means, and something simple and yet extremely effective like one time pads don't need a computer. Implemented correctly they provide 100% protection and deniability. Practical ? Not quite. Effective ? Very.

TatütataMay 25, 2019 8:20 AM

Also, for non-Germans wondering about the frequent mention of Seehofer's Bavarian origins, Bavaria is sort of the Texas of Germany, with all that entails...

Generalisations should generally be avoided, in general.

Yes, all too often politicks from below the Weißwurstäquator deserve the "deplorable" label. No need to give names. But so do those from above. E.g.: the aforementioned Thomas de Maizière, whose greatest life achievement "bis dato" was to enrich the German language ("Ein Teil dieser Antwort würde die Bevölkerung verunsichern") is of remote protestant Huguenot origin and grew up in sleepy Bonn.

There's this phenomenal video that settles accounts with the whole bunch, CDU, CSU, and SPD, (with small AfD and FDP bonuses) that is going on 10 million views in just 6 days!. (DE pop.: ~82 million). It does not disclose any new information, but shows with video evidence how full of sh*t the representatives of the people are. (What about the people themselves?) It is 55 minutes long and addresses themes including as climate change, inequality, copyright "reform", "defense" and complicity in the US perpetual war, and more. Such a video could easily been extended to 2 hours, and a similar one could be made for just about any rich country, in particular the USA which seems to be in the clutches of a death cult. It's a sign of a certain "raz-le-bol généralisé".

German is not my first language, and I initially had much difficulty with the southern dialects. (I'm making slow progress in decrypting Austrian and Swiss ones.) I tended to freeze when greeted with a resounding "Gruss Gott", and absorbed the Tracht und Filzhut clichés. But despite the initial alienation I somehow began to have a grudging admiration for the Bavarian "civil society" (and a certain form of conservatism), when I saw how popular involvement managed to scupper the
inane Transrapid project and the Olympic Games candidacy, and implement effective Tobacco control (despite the powerful lobby), thanks to the effective organisation of people initiated referenda.

And Texas also includes Austin, Dallas, El Paso, Houston...

PatriotMay 25, 2019 9:22 AM

Well, that is good news. "End-to-end" encryption must be working.

I am so glad that I just started a new Tutanota account.

Two points of concern: "end-to-end" encryption is usually a misnomer and most people cannot get past their confirmation bias to reach the truth of the matter. In short, end-to-end can be compromised too.

Secondly, Germany let people come in with no criminal checks. It is awash with radicalized young people. The threat is real. They have to spy on everyone in the country. And the people who are serious will escape the surveillance because the cat is out of the bag.

People who are serious could use code books, one-time pads, or use gpg or some other form of PGP on air-gapped systems for authentication, confidentiality, and non-repudiation. Sophisticated folks could use libsodium. None of it can be stopped without extraordinary measures if the users stay off the internet and cellular networks. Or they could just use symmetric ciphers passed on paper in ASCII armor then read them by a scanner. In other words, bad people can succeed if they want.

But normal people will lose their rights nonetheless. This is the direction in which we are headed. Germany is in real trouble.

PatriotMay 25, 2019 9:33 AM

@ James

Agree completely.

As Whitfield Diffie said, if you can generate random numbers, then you can have a private conversation.

The authorities cannot stop the bad guys, but they can justify a budget. It is all rather pathetic.

The new STASI is hiring! It's a growth industry!

ValerianMay 25, 2019 2:07 PM

The question is why do people vote for people who want the Gov to be BIG ? After every tragedy event the Gov pass laws that increase its power while advocating they are for general protection and good. The name of senators who voted for such abusive law should be made public and people be aware on election date. With regard to privacy: there is simple no way you can trust an encryption app unless you compiled the binary yourself and running/controlling node server behind it. People trusting these technologies lack whole concept. The only solution for future of privacy i see is open-sourced decentralized app where anyone can verify everything. If it is closed-sourced then there is no way you can trust it. I'm afraid this will be banned and we are going fast in direction of Xinjiang. Once we get there it will be no way to go back. I will quote George Orwell: don't let it happen

Sheilagh WongMay 25, 2019 5:06 PM

I can't believe the Germans would stand for this. Both the Nazis and East German communists monitored communication to stamp out opposition in infancy and stay in power. If any citizenry should understand the importance of privacy it should be the Germans. If not, then god(s) help us all, our DNA is too hard wired for hierarchy to break this cycle.

I think I am going to watch "The Lives of Others" again. An excellent flick.

JamesMay 25, 2019 6:13 PM

@Sheilagh Wong: It's not just Germany pushing for this crap. In fact i think they are among the latest to go this way. If i'm not mistaking Germany has (or at least used to have) some of the strongest privacy laws at least in the EU area. In fact that nutcase Andreas Lubitz (Germanwings Flight 9525) managed to get into the cockpit because his doctors were not allowed to contact the airline or the authorities, even if they knew the guy should never be near an airplane, nevertheless flying it. I guess times are changing.
Other have been pushing for this for a long time. Australia even passed such laws, i wonder how this is working out for them. If you can't break the encryption, i suppose you have to attack the endpoints ...

Cyber professionalMay 26, 2019 4:25 AM

I believe Schneiers blog has become a target for people trying to implant political tension. Maybe professional trolling?

As soon as there is a potentially controversial topic, there are always some commenters trying to fuel political controversy, without tangible subject matter contribution. This started maybe a year ago. Please Bruce - try to find a way to reduce this.

However: the topic of blogs like this becoming a target is very interesting. Who is behind, why, and what does it do democracy?

Clive RobinsonMay 26, 2019 4:51 AM

@ James, Sheilagh Wong, All,

It's not just Germany pushing for this crap. In fact i think they are among the latest to go this way.

The history behind "this crap" is quite long and goes back into last Century a couple of decades or more back into the cold war and as far as I remember both US President "Ronnie Ray-gun" and UK Prime Minister "Mad Maggie" Thatcher had an interest in it in their "Honeymoon period".

Where it actually originated from I'm not entirely certain but it's certainly something the FBI have been whining about for neigh on half a century, and may well have started with their "Spy catcher" activities which would not have gone very far with CCCP agents from Russia's KGB, NKVD, GRU training that started during WWII when the US and USSR were alies. As we know from VENONA[1] their agents used One Time Pads that were as small as matchboxes that could easily be concealed.

However after PC software implimentations of the Data Encryption Standard (DES) that were easy to use started appearing in the early 1980's we start to hear about "going dark" from the FBI and other Law Enforcment Agencies (LEA) and Domestic Intelligence Community (IC) entities such as the UK MI5 and Met Polices Special Branch. In the early 1980's the UK Met Police started their own "computer crime" unit that I knew some of it's founding members and they were talking about the "crypto-impediment" to investigations of such PC programs (they were not to happy that I and a friend had written not just a DES program but had included compression and a stream cipher to whiten the output from the compression prior to shoving it into DES and gave me the "crypto-export talk", they went nearly incandesent when I mentioned we were making an add-on to BASIC for "teaching" so people could more easily cut their own crypto).

What also happened later in the 1990's that was memorable was the waste of human flesh that 5th FBI director Louis Freeh[2] doing his secret briefings tour through Europe, fairly quickly became public (never tell a politician a secret, they won't understand it so will discuss it with their aids who will tell their partners who will let it slip to that nice journalist who buys them all those drinks 0:)

The 5th FBI Director's plan was simple, he knew that the US public would not go for having their private communications wire tapped or crypto-use "back-doored" (anyone else remember "clipper" and Crypto-War I?). So his stratage was to "ratchet it up" by going around Europe and trying to persuade one of them to implement a step in the right direction, then using that get another to take the next step and so on untill he could go back to the US and say "look the Europeans have done this, so we can too' to US legislators.

Thankfully all the European countries not only threw him out on his ear, most made sure that the story got around to stop it happening again.

Then 9/11 happened and the flood gates opened, now the talk is "Stop Terrorist's hiding" in the UK we got RIPA and all it's little nastynesses under Tony Blair PM and when he was gone and David Cameron was PM the Home Office Minister Mrs May tried to get "the snoopers charter" through parliment. It did not go well as she had made to many enimies, some how she became PM after Cameron stepped down and from the get go she was a compleate disaster, which is why she has fallen on her sword after failing to do anything of substance or note except fail during her tenure.

However the model for the Snoopers Charter was adopted by Australia who have been saddked with it.

There are a number of Australians who read this blog, hopefully one will poo up and give the Australian view point on how their politicos stiched them up.

So even if 5th FBI Director's plan did not work for him it's still rumbling on and no doubt he will claim it as his success, because he is that sort of a disaster in motion.

[1] https://en.wikipedia.org/wiki/Venona_project

[2] https://en.m.wikipedia.org/wiki/Louis_Freeh

JamesMay 26, 2019 6:09 AM

@Cyber professional: The problem is that politicians (no matter what their political color is, that's irrelevant) are trying to stick their noses in technology they don't even understand.

@Clive Robinson: I very well understand the need for national security. However the states have been catching spies, terrorists, etc without putting everyone in danger by weakening/banning encryption. They still do. It's much different then a few decades ago, with all our sensitive information was kept on paper, locked away in some place, and the Internet/Email was more of a hobby/novelty. Now our most sensitive info travels all over the place. You cant simply make encryption secure for the good guys but insecure for the bad guys, it doesn't work like that.
Even with the "legal spyware" made by companies like Hacking Team, NSO Group etc we barely hear that a terrorist leader, drug lord, pedophile was caught by using them. We mostly hear about targeting political dissidents, journalists ...
Excellent post as usual, btw.

Clive RobinsonMay 26, 2019 1:03 PM

@ Jame,

Now our most sensitive info travels all over the place. You cant simply make encryption secure for the good guys but insecure for the bad guys, it doesn't work like that.

I absolutly agree and have posted a number of ways to deal with "The Camels Nose" a number of times and will continue to do so.

What I was aiming to do was give people a brief overview of how we got where we are today. Because history can "forewarn you" as to what is likely to happen next, thus be prepared in a number of ways.

As I've said on a few occasions people should always send "Paper Paper Never Data" when coresponding or answering legal requests. At the simplest level it's because at the very least you can see more of what you are actually sending, and hopefully[1] way less "meta-data" that leaks all kinds of information.

It's not been lost on me that most Western Government Agencies are if not complicit are certainly aiding and abeting the forcing of all people to go on line. The claim's of faster more efficient are realy very hollow, most government ICT projects do not have successful out comes and if they lose your tax return then in the UK you are the one that gets notified by a fine... It's why I encorage people to actively resist such things. I have "hand delivered" and insisted on a recipt where by they sign and date every page of a photocopy. I do this more and more frequently, yes they hate me for it but legaly for now it's my right to chose, and that's the way I will continue as long as I can. The more people that do this, the more privacy they will have in their lives and for longer.

Likewise I've suggested people plan and prepare to generate and use OTP's on paper to get around the security/comms end point issues. Also not just how to "energy gap" comouters but how to build the equivalent of SCIFs for using equipment where "energy gapping" might not be easily possible.

As the old saying has it,

    Fortune favours the Prepared.

[1] Unfortunately many modern printers are "image printers" not "character printers" which gives a very high level of redundancy in which information can be hidden by both the Computer and Printer.

JeremyMay 27, 2019 6:47 AM

Clive, you of all people should know that, the Earth being round, all Australians poo up.

Unfortunately, while Australian, I don't live there. But given the recent election result, I think it's safe to say that a large proportion of Australians are perfectly content to be stitched up by their politicians, as long as it's the right gang doing the stitching.

Andreas KampmillerMay 27, 2019 1:57 PM

Concerning politicians it looks like a very sad pattern to me:

Politicians want some new laws to "enhance" the capabilities of police, military and/or intelligence agencies.
Most of the time they don't have any clue about the technology involved.
And if their proposal infringes common law, human rights or even standing rulings concerning similar proposals from the highest courts: they try anyway.
Should the implementation of the law fail then they try again after a few months/years with a new label stuck onto their idea, in the hopes no-one would notice.

#####

Every decision a human makes has a motivator.
Someone once told me that everything in the economic system, and even more so in politics, revolves around money.
On this notion let us assume "money" as a motivator of why polititians might suggest such infringing laws with the example "Police - Criminalistic Computer Forensics":

#

Assumption: current laws are more than enough to ensure good police work and therefore to do proper criminalistic computer forensics

Implementation:
a) hire competent enough police officers
b) hire enough of them
c) pay them properly
d) train them regularly
e) give them the equipment they need
f) update their equipment when necessary
(g etc) whatever is missing here to ensure a job well done)

Problem: These points all cost money, plenty of it; which most states/countries don't have in abundance

Solution: Create new laws which reduces the need of good POs and their required tools

Result: this consequently reduces the financial costs; at the costs of some human rights, which the proposing politicians then simply ignore

#

Thus, they trade money for human rights.
What is your thought on that matter?

#####

Greetings from Munich, Germany

WeatherMay 28, 2019 2:53 AM

Apotik
@spam hack, well auto hack, mainly windows,
But then @bruce your logo at the top of the page links to root dir of is, not wwwroot.

@mod

AdveniusMay 30, 2019 9:25 AM

Banning encryption is no different than burning books. It won't work, and attempts to do so mean you have already lost the real battle, which is for hearts and minds. It's all downhill from there.

And to the chaps flinging accusations like "right-wing conspiracy," be advised that a label is not an argument. Do you have an argument? Or just dogma and ad hominems?

Clive RobinsonMay 30, 2019 12:42 PM

@ Advenius,

Do you have an argument?

Arguments, I can get any day of the year, what we need is solutions and how to securely get them in place, not just for today but for the lives of our grandchildren yet to be, if not longer.

It should be noted that what ever the colour or stripe of the politicians, they are the symptoms not the disease, and like the snivels of the common cold they come and go, making a brief nuisance of themselves in the process.

As I noted in my comment above it's those who are the supposed "Civil Servants" who are the deep routed cancer in the body politic. It's not just good old fashioned "Empire Building" it's the modern day "Power Brokering" to get lucrative high payed consultants work from those supplying services to the "Public Service".

In times past there used to be strict rules about who a Civil Servant could move on and work with or for to prevent what we now call "revolving door" behaviours.

I would not be averse to seeing quite a few Civil Servants sent to jail for what is in reality a form of fraudulant behaviour. But then you would have to do the same with their pupets the legislators. Whilst we may like to think of the legislators as turkeys, they at the very least have the sense to not vote for Thanksgiving/Xmas.

Getting this impediment out of the power structures of Government would be an effective solution, but the system is set up to prevent this from happening.

Thus other solutions and how to get them in place are needed.

As I noted above "Fortune favours the Prepared", but those sorts of solutions only get you so far, at best as a temporary solution for a few who are prepared to put the required measures and behaviours in place.

The one thing you can be sure of is that if people started adopting strong encryption on energy-gapped systems and the required OpSec to go with it, then the Civil Servents would find a way to persuade the legislators to make it illegal. With hugh fines that the civil servants would get a percentage[1] of, coupled with jail sentences up in the thousand years mark or actual capital punishments. Not because the people could be doing anything to warrant such punishment, no it's because they dared to not do as they were told, thus they have to be made examples of as an incentive to others.

The civil servents would get this sort of draconian legislation by making promises that such legislation would only be used for the most serious of crimes, but in reality use them to asset strip those who can not afford to defend themselves.

It's an old and well practiced trick and it's often called "rights stripping", I prefere to call it a criminal abuse of power by those in public office.

[1] In the UK we have legislation called the "Proceads of Crime Act" or POCA. Parliment was promised this was only for the most serious of criminals. Well guess what the only people it's not been used against is the most serious of criminals, because they are the ones who can aford the legal and accounting experts to put their assets beyond the reach of POCA. What it has been used against is the likes of fishermen and other small businesses that are asset rich, they are first stripped of their ability to hire appropriate legal council, the prosecution then knowingly lie to judges and the defendants assets are taken away and sold at low value, with the prosecuters getting a nice fat percentage of the monies raised.

DannyJune 5, 2019 3:15 AM

@Andreas Klampmiller wrote, "Every decision a human makes has a motivator.
Someone once told me that everything in the economic system, and even more so in politics, revolves around money.
On this notion let us assume "money" as a motivator of why polititians might suggest such infringing laws with the example "Police - Criminalistic Computer Forensics":"

I think you are missing a key part in your assumption/implementation/problem/solution process.

Politicians dont play with their own money; they play with "other people's money."

Thus, you cannot validly assume "saving" money is the primary concern of any politician unless he owns the country (which most "elected" officials are not). Thus, your hypothesis could apply to leaders such as Hussein, Kim, etc. but not the rest of the "free world" politicians.

Politicians are also divided into categories, some of whose power stop at the drawing board. Some are down to an "executive" branch where real money is applied and signed off.

The true motivator should be viewed and logically drawn as to where the "pockets" are emptied and filled.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Security.