Former FBI General Counsel Jim Baker Chooses Encryption Over Backdoors

In an extraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors:

In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities -- including law enforcement -- to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.

[...]

I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace.

[...]

All public safety officials should think of protecting the cybersecurity of the United States as an essential part of their core mission to protect the American people and uphold the Constitution. And they should be doing so even if there will be real and painful costs associated with such a cybersecurity-forward orientation. The stakes are too high and our current cybersecurity situation too grave to adopt a different approach.

Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed. He endorses a "defense dominant" strategy for Internet security.

Keep in mind that Baker led the FBI's legal case against Apple regarding the San Bernardino shooter's encrypted iPhone. In writing this piece, Baker joins the growing list of former law enforcement and national security senior officials who have come out in favor of strong encryption over backdoors: Michael Hayden, Michael Chertoff, Richard Clarke, Ash Carter, William Lynn, and Mike McConnell.

Edward Snowden also agrees.

EDITED TO ADD: Good commentary from Cory Doctorow.

Posted on October 28, 2019 at 6:22 AM • 42 Comments

Comments

Sancho_P • October 28, 2019 8:00 AM

In Jim Baker’s essay I believe to read sincere thoughts.
However, is the motive resignation or doubt?

Rolf Weber • October 28, 2019 8:02 AM

Oh, wow! Ed Snowden also agrees. OK then ... :)

I nevertheless dare to disagree. Snowden shows the same misconception as many others. He thinks messaging providers like Facebook or WhatsApp are "untrusted third parties".
And this still is simply not true. They are not just "untrusted third parties". Not only that they make money from their services -- they own everything:
They own the servers and the network infrastructure. They engineer the protocols and implementations. The keys are generated by their proprietary client software. They code the bugs. :) And so on.

WhatsApp & Co could, if they only wanted, implement a trigger with which they could "silently" switch certain clients from client-side to server-side encryption. They could use it eg to perform random sample scans for child porn. Or they could fight virus outbreaks. And of course they could respond to lawful requests.

No "backdoor" needed. No encryption would be weakened because this is something the providers are able to do anyway, because they own everything. And this wouldn't make any ordinary user less secure. Quite the opposite.

Sancho_P • October 28, 2019 8:47 AM

@MarkH

Crying wolf without evidence is immoral.
Falling for propaganda isn’t much better.
Doubt is what keeps us curious.

So, if I find dogshit on my yard I will friendly ask my neighbor.
And I’m sure at first we’ll have a coffee together.
We both love to live in peace.

Rolf Weber • October 28, 2019 8:55 AM

@Sancho_P

Ask Ed. :)

But fact is, WhatsApp is a *trusted* party. Users have to trust them that they don't perform MITM attacks, that they don't silently modify protocols and implementations, that they don't modify the client software.

Clive Robinson • October 28, 2019 10:29 AM

@ All,

I suspect that Jim Baker has realised that no matter what the authorities do they can not stop encryption being used, by those who put a little thought into it.

What LEO's hoped was that nobody would realise that the likes of Big Silicon Valley Corps are handing over data by the bucket load to the US Gov.

Whilst many don't bother to learn and understand this, those that want secure communications for good or bad are not going to fall into the trap of "Consumer Comms Kit" like mobiles and smart devices which let's face it are "walled gardens" not just to the OS producing Corps but the hardware producing corps, and the radio interface is owned not just by the network service provider, but through standards that have been backdoored for longer than many readers here have been alive by the Governments, that used to own the communications networks like they did the postal networks.

Thus public communications and how the public access them are in no way owned by the public. People can argue otherwise but I think you would be wrong to do so. Because it is safer for you if you assume that all of it is owned by people who most definitely do not have the public / citizens interests at heart. So even if you can find a rare instance of what you might consider "safe" public communications infrastructure, it's not going to stay that way, as a given.

Thus if everything from the first party microphone / keyboard is owned to the second party speaker / display and vice versa what can be done?

Well the first thing to recognise is that the microphones range beyond the communications device they are in thus it's safe to assume that any room the communications device is in is compromised as well as possibly adjacent rooms. Similarly with the inbuilt cameras and some other sensors.

Thus you need to extend the communications path in some way beyond that and put your security end point there.

For simplicity's sake just assume you write down an enciphered or encoded message from the display and take it to another building to be deciphered / decoded. In essence this is what Military and Diplomatic entities have done for over a hundred years. That is communications are handled in the Communications Center (CommCen) and the crypto in a separate secure area often called the "Crypto Cell" because in permanent camps/compounds/missions they are often built like prison cells.

The thing to realise about this model is that as far as message contents security[1] it matters not one iota how secure or insecure the communications path is or how many people passively snoop on the ciphertext[2] providing the encryption or encoding method is sufficiently secure.

This model is known to work and work well which leaves the issue of codes and ciphers, which are different.

Normally when explaining this I mention both a secure cipher (One Time Pad) and a secure code (One Time Phrase) that can be performed by pencil and paper[3] (hand ciphering / coding). The reason is that they are both simple to understand and simple to use whilst giving high security to the message contents. Which enables people to get to see the mechanics of communicating with a "Crypto Cell" gapped from a "ComCen".

In practice when people understand sufficiently about the mechanics of the process and the necessary "energy gapping" they can use two computers,

The first one is used as the "communications end point" that is assumed to have been owned by an adversary, thus never has message plaintext on it only ciphertext.

The second computer that has had all adversary exploitable communications removed that is used as the "Security end point", that is for dealing with all sensitive information. Such as the message plaintext and any other information that contributes to the messages as well as the encryption and encoding software.

Such a system being secure from remote attacks, forces any adversary to make very resource intensive direct attacks on the security end point. If you take care to secure it correctly any such attack will cause an alarm to be raised. Thus importantly you become aware of having become a "person of interest" which enables you to implement other security actions.

When laid out like this it shows why the LEO lament of "Going Dark" to get "golden keys" or whatever legislation is fairly pointless. Because whatever they do you will always be able to put your "security end point" beyond the "communications end point device" which is effectively as far as they can reach.

Thus legislation will only cause those who are not sufficiently versed in the Comms OpSec to be caught. This is very likely to be "Whistleblowers" and "grass roots political activists" rather than the sorts of criminals Mr Barr of the DoJ and many previous FBI directors pretend the legislation they demand is for.

So as you can now see Mr Barr is caught in an outright lie of his own making, not that this is the first time he's done so.

[1] You need to use additional methods to stop "traffic analysis" on the message meta-data and meta-meta-data.

[2] An opponent can actively attack the communications systems such as "bit flipping" to force a message resend in the hope you give them one of several mistakes that they can then use to analyze both the message contents (cryptanalysis) and message flows (traffic analysis). There are ways of mitigating such issues by additional methods.

[3] The problem as others would normally mention is that both "One Time" methods have a significant issue to do with Key Material (KeyMat) and Key Management (KeyMan). However they are far from insurmountable.
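
Added example (not part of the comment above, and not the commenter's own code): a small Python model of the "security end point" that comment describes, using a pencil-and-paper style one-time pad over the letters A-Z. The class and function names are hypothetical, the pad and messages are constructed, and answering a resend request with the identical stored ciphertext is an assumed mitigation for the forced-resend issue in footnote [2], not a method the comment specifies.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # A=0 ... Z=25, as in a hand cipher


def generate_pad(pages, page_len):
    """Key material: a list of pad pages, each page_len random letters."""
    return ["".join(secrets.choice(ALPHABET) for _ in range(page_len))
            for _ in range(pages)]


def combine(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters from text letters, mod 26."""
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text, key))


class SecurityEndPoint:
    """The gapped side: holds plaintext and key material (hypothetical class)."""

    def __init__(self, pad):
        self._pad = list(pad)   # own copy of the pre-shared pad
        self._sent = {}         # msg_id -> (page_no, ciphertext) already produced

    def _take_page(self, page_no, length):
        if not 0 <= page_no < len(self._pad) or self._pad[page_no] is None:
            raise ValueError(f"pad page {page_no} is used up or unknown")
        if length > len(self._pad[page_no]):
            raise ValueError("message is longer than one pad page")
        key = self._pad[page_no][:length]
        self._pad[page_no] = None   # destroy the page: one use only
        return key

    def encipher(self, msg_id, plaintext):
        """Return (page_no, ciphertext), the only data that crosses the gap."""
        if msg_id in self._sent:
            # Resend request: hand back the identical ciphertext and never
            # re-encipher (assumed mitigation for forced resends).
            return self._sent[msg_id]
        letters = "".join(c for c in plaintext.upper() if c in ALPHABET)
        unused = [i for i, page in enumerate(self._pad) if page is not None]
        if not unused:
            raise ValueError("pad exhausted: no key material left")
        page_no = unused[0]
        ciphertext = combine(letters, self._take_page(page_no, len(letters)), +1)
        self._sent[msg_id] = (page_no, ciphertext)
        return page_no, ciphertext

    def decipher(self, page_no, ciphertext):
        """Recover plaintext letters; the pad page is destroyed by doing so."""
        return combine(ciphertext, self._take_page(page_no, len(ciphertext)), -1)


def demo():
    pad = generate_pad(pages=3, page_len=40)   # constructed key material
    alice, bob = SecurityEndPoint(pad), SecurityEndPoint(pad)
    wire = []   # all that the (assumed compromised) communications end point sees

    first = alice.encipher("msg-1", "Meet at the north gate")
    resend = alice.encipher("msg-1", "Meet at the north gate")  # forced resend
    wire += [first, resend]
    recovered = bob.decipher(*first)

    try:
        bob.decipher(*resend)   # the page is gone, so a replay is refused
        replay_refused = False
    except ValueError:
        replay_refused = True

    next_page = alice.encipher("msg-2", "ok")[0]   # fresh page for a new message

    # Why a page must never be reused: with one key under two messages the key
    # cancels out, leaving the difference of the two plaintexts on the wire.
    key = generate_pad(1, 6)[0]
    c1, c2 = combine("ATTACK", key, +1), combine("DEFEND", key, +1)
    key_cancels = combine(c1, c2, -1) == combine("ATTACK", "DEFEND", -1)

    return {"wire": wire, "recovered": recovered,
            "resend_identical": first == resend,
            "replay_refused": replay_refused,
            "next_page": next_page, "key_cancels": key_cancels}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```
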

Xander Harem • October 28, 2019 10:40 AM

The same James Baker who is currently under criminal investigation for leaking to the media? No surprise that he suddenly wants strong encryption available to the general public, a group he recently joined.

TimH • October 28, 2019 11:27 AM

@Xander: Yes, and it comes across as cowardly that the individuals that failed to stop the anti-encryption juggernaut when they were in very senior gov positions come out of that closet when retired from authority.

VRK • October 28, 2019 12:23 PM

Thanks Clive:

...you will always be able to put your "security end point" beyond the "communications end point device" which is effectively as far as they can reach

But if "they" even suspect you MAY BE communicating, these are precisely the triggers which enrage full-on sewage warfare, by very well funded thugs. Now your smart-meter gets tripped ten times every month... and the same help-desk girl is working for ALL of the utilities companies etc, including CSIS... [endless]...

My suggestion:

If you aren't targeted, use post mail, ELSE

If you are... buy a compass, an axe, and a map of Boreal Canada and use it, before your body miraculously gets built-in wifi. (Today.)

cetooley • October 28, 2019 12:25 PM

@Rolf Weber

The fact that whatsapp _can_ implement a switch like that is precisely the reason they are untrustworthy, regardless of whether people "trust" them - trust in computing means something completely different with respect to security. You cannot trust something that is closed source. You cannot trust something which you cannot verify is using encryption properly. You cannot trust whatsapp.

Rolf Weber • October 28, 2019 12:41 PM

@cetooley

It was not the question whether WhatsApp is trustworthy or not. The point is, that *if* you use WhatsApp, then you are doomed to trust them (safe you only use their service just to transport your own encryption).
I just contradicted Ed Snowden, who argued that thanks to end-to-end encryption users would be safe, even when providers like WhatsApp are not trustworthy. And that's simply not true.

Wael • October 28, 2019 2:22 PM

@Rolf Weber,

The point is, that *if* you use WhatsApp, then you are doomed to trust them

I use WhatsApp, but I don't trust them.

Ed Snowden, who argued that thanks to end-to-end encryption users would be safe,

A coarse-grained buzzword that means absolutely nothing, these days. Amateurs use it to impress other hobbyists. Add to the list: Womb-to-Tomb, Creation-to-Annihilation, Soup-to-Nuts, Ship-to-Shore; Shore-to-Ship, Deployment-to-Decommissioning, Inception-to-??? (find a word that rhymes) ... pretty impressive, eh?

Ismar • October 28, 2019 3:56 PM

@Bruce
Thanks for posting some positive news regarding encryption and as for some other readers on this blog - why always focus on the negative- not much can be achieved that way ?

Clive Robinson • October 28, 2019 4:20 PM

@ Wael,

Shore-to-Ship

Not one to say quickly repeatedly or with a lisp ;-)

But then when have those who "Management Speak" ever cared about how ridiculous it sounds...

What gets me is how --allegedly-- intelligent people on higher salaries don't understand the difference between meaningful "jargon" and meaningless "buzz-words".

Many years ago Douglas Adams made the point about the latter as being necessary to stop the utterer's brain from actually working :-S

Bong-Smoking Primitive Monkey-Brained Spook • October 28, 2019 4:38 PM

@Clive Robinson, ...

don't understand the difference between meaningful "jargon" and meaningless "buzz-words".

Make no mistake; we do understand very well. It's just that we can't impress them with brilliance so we baffle 'em with BS. Works all the time without exception.

What gets me is how --allegedly-- intelligent people

"allegedly" is correct.

stop the utterer's brain from actually working :-S

He used the word 'brain' loosely :-)

Rolf Weber • October 28, 2019 4:58 PM

@Wael

I use WhatsApp, but I don't trust them.
I use WhatsApp too, and I trust them. Not unconditionally, but to some serious extent. I think it's very unlikely they secretly run the attacks I wrote about.

I honestly think WhatsApp is currently one of the best options to securely communicate. But I would never use WhatsApp on an outdated phone. The chance I could catch malware would be serious.

A coarse-grained buzzword them.
;)

Clive Robinson • October 28, 2019 5:02 PM

@ Ismar,

as for some other readers on this blog - why always focus on the negative- not much can be achieved that way ?

Oh contraire... A great deal can be achieved that way, our host @Bruce tends to call it "thinking hinky" in the more distant past it was "nice hack".

Ever hear the expression,

    Either you have full security or you have no security.

The one thing history has taught us about ICTsec, over and over is that an "optimistic view point" is one that gives rise to "head in the sand thinking" which is not good for your privacy let alone security.

What you should do is,

    Assume the worst thus work towards the best.

Which means taking responsibility thus ownership of your privacy and attendant security.

The only reason people are currently getting away with ignoring security is that it is a "target rich environment" thus your individual fate is in effect based on probability more than anything else.

People buy "fire and theft insurance" because they generally accept that on probability they will have a fire once every twenty years or so and get broken into once every five to ten years. Thus they accept the insurance cost over time knowing that when the dice come up for them, they will at least be not entirely wiped out.

Thus with ICTsec insurance being a very immature market, most do not have the opportunity to reliably "externalise risk" through insurance. Thus a sensible person takes the risk on internally and implements an appropriate risk reduction / mitigation stratagem. Something you can not do if you have an overly optimistic view about ICTsec.

ICTsec is by the way a game where due to large Corps and Governments, being paranoid is almost being optimistic. Because they are very intent on "data raping all" be it for profit or for power or both. You could argue against this view point but you would as far as history is concerned be on the losing end of the argument...

As they say,

    Pays your money, takes your choice

Though ICTsec has a rider of,

    But there is no real choice, they are all as bad as each other.

Gerard van Vooren • October 28, 2019 6:12 PM

In writing this piece, Baker joins the growing list of former law enforcement and national security senior officials who have come out in favor of strong encryption over backdoors...

Hmm, somewhere I have read about this same thing, and that was a while ago. The problem is of course that suddenly when these guys retire they are starting to get a conscience. So I would say that from the point of view of the FBI nothing changes, at all. So this is all just talk.

Clive Robinson • October 28, 2019 8:25 PM

@ Gerard van Vooren,

So I would say that from the point of view of the FBI nothing changes, at all.

The FBI's attitude has been effectively as it is back in the 1980's.

FBI Director Louis J. Freeh, flew to Europe and to FiveEye Nations to promote the idea of total surveillance. He knew the US Public would in no way accept his ideas. So he came up with the idea of ratcheting up legislations via other WASP and First World nations so that US Politicians could be bamboozled into doing the FBI's bidding.

Back then most of the nations FBI Director Louis Freeh visited effectively showed him the door like you would with any uninvited sales pitch at your home with a "thanks but no thanks, please do not call again". The exception was the UK, due to UK Prime Minister Tony Blair and his rampant toadying to anything US, he and David Blunkett came up with the first version of the Regulation of Investigatory Powers Act (RIPA) in a green paper. It caused very great concern in the UK as it allowed people who should never have access to people's homes and private affairs to run rampant into their bank details, medical details and even put surveillance equipment in their bedrooms. It also opened an easy way for people to be blackmailed with serious imprisonment just on the nod of a lowly police inspector. The professional and increasing public outcry caused various superficial changes. As legislation goes most judges treat it like a poisoned chalice for good reason.

As you are probably aware in more recent times the Australian Government have been toadying up to these same ideas FBI Director Freeh had been pushing, based in part on what the UK had done. It now appears that other nations are going to ratchet things up further.

All of which is highly undesirable for first world societies.

As I occasionally mention, there is no penalty for those pushing these ideas if they don't succeed, they just wait or reword legislation and represent it, knowing that no matter how outrageous what they ask for is they will bit by bit get it. This "no penalty" bias needs to be removed, thus if told "no" by society and their representatives, those presenting the idea should be dismissed for bringing their employer into disrepute (which is already in their work contracts). That way those that follow might rather rapidly reassess their position whilst still in office, rather than after they have left it.

Erdem Memisyazici • October 28, 2019 9:09 PM

He waited until it's no longer his job to do the right thing, to do the right thing. That's nice. Nothing new, but it's nice. It's like making it illegal to wear clothing. Fighting in court for government's right to strip citizens of clothing. Then agreeing later that wearing clothes is a good idea. Thanks man. Real pal.

Michael • October 29, 2019 1:42 AM

Regarding whatsapp and if it's secure or not, I think that's irrelevant, the only important matter is who owns whatsapp, and it's facebook, that's all I need to know, end of story

tds • October 29, 2019 4:03 AM

@Sancho_P, Wael, Clive Robinson

Wael wrote: "[end to end encryption is] A coarse-grained buzzword that means absolutely nothing, these days. Amateurs use it to impress other hobbyists. Add to the list: Womb-to-Tomb, Creation-to-Annihilation, Soup-to-Nuts, Ship-to-Shore; Shore-to-Ship, Deployment-to-Decommissioning, Inception-to-??? (find a word that rhymes) ... pretty impressive, eh?"

I like the word alliteration. For example, pointy-headed pontificator (php), sh!tty shill (SS), obsessive orangatang (oo), or fvcking farter (ff).

Of course, some phrases are memorable thru repetition. For example, 'boiling frog' or 'lock him up.'

Wael • October 29, 2019 4:25 AM

@tfs, @Clive Robinson,

Inception-to-???

So you don't want to take a stab at it? I found it:
Inception-to-Failure :) and we know whose fault it will be, too. Before the project begins!

Pssst: it was @Rolf Weber -- not @Sancho_P. Wake up and smell the roses ;)

tds • October 29, 2019 5:15 AM

@Wael

OT, but I think Dirk Praet, or someone, once said something like 'he or she who shall remain nameless'

regarding "Inception-to-Failure" (itf)
otoh, "we strive for the sub-optimal" (wsftso) might make a better organization mission statement

Winter • October 29, 2019 7:35 AM

About: Trusting Whatsapp etc.

I think it is not a question of trust as much as a question of accountability and redress. Whatever Whatsapp would decide to do or not do, they can be forced by outsiders to betray their own words.

People in the US have, by way of their elected representatives and the courts, ways to hold them accountable for their actions and seek redress. I know that this is hypothetical, as both the US congress and the US courts are largely dysfunctional in this respect.

But for us, non-US citizens, there is no accountability and no redress at all.

That is why the EU parliament is moving away from Whatsapp:

EU Parliament recommends Jabber instead of WhatsApp and checks signal
https://www.en24.news/2019/10/eu-parliament-recommends-jabber-instead-of-whatsapp-and-checks-signal.html

In both cases, the EU parliament has ways to hold those operating the communication to account and seek redress in case they err.

Petre Peter • October 29, 2019 7:40 AM

I am not sure if I would feel better knowing that the FBI got to my files due to their well trained staff rather than through a backdoor.

Who? • October 29, 2019 9:59 AM

@ Clive Robinson

I am not sure about your reasoning, to be honest I cannot completely agree with it:

  1. A fire implies money lost, insurance is good;
  2. A theft implies money lost, insurance is good too; however,
  3. ICTsec failures do not imply an obvious money lost.

(Then it comes wannacry and the hospitals across UK, but making this association is hard to people.) People should understand that "virtual" means stored on a physical device that exists on our world, and has consequences to us in the same way a fire or a theft has.

Another way to see it... people post on "(anti)social networks" pictures and comments that they would be ashamed to publish on a wall on their neighborhood. In other words, for people it is hard making associations between real and virtual worlds, even if both are the same.

Who? • October 29, 2019 11:52 AM

I am not sure if I would feel better knowing that the FBI got to my files due to their well trained staff rather than through a backdoor.

I am sure I would feel much better knowing that the FBI got to my files due to their well trained staff; it is the difference between targeted and global surveillance.

I am all for it. Government should have a chance to get to our files when there is a good reason to do it; in other words, when they are able to put a well trained team working on getting something from a specific target. (I said "a chance," obviously we have the right to make it as hard as our brain allows.)

Global surveillance and widely deployed backdoors are not the way to go.

Clive Robinson • October 29, 2019 4:25 PM

@ Who?,

ICTsec failures do not imply an obvious money lost.

Not according to the FBI. They have claimed that millions have been lost due to clean up and restoration.

Some argue that the figures they come up with, make no sense, and I can understand why. However with investors any such sum is as far as they are concerned "money on the table" which is rightfully theirs be it real or imaginary.

It's one of the reasons those who offer cyber-insurance are very likely to take a bath. Worse with the "double take" argument from 9/11 there is nothing to stop investors taking out insurance as well as the company officers and both parties having to be paid the full agreement.

Such is the way of the world some companies take out life insurance on employees, such that the company benefits from an employees death. This has apparently distorted the life insurance market, which raises the price to individuals seeking to protect their loved ones should they unfortunately die. So you could understand why others claim such companies are "robbing widows and orphans".

In both cases there is a limited pot of money which means it gets reduced by such investor type actions.

Clive Robinson • October 30, 2019 3:02 AM

@ SpaceLifeForm,

Paper? Cage? Double Cage?

Up until recently,

Paper, paper never data.

For crossing an "energy gap" was sound advice.

However, a cautious person these days, might just start to wonder if the likes of Microsoft or printer/scanner manufacturers have started to somehow "watermark" documents as a "Canary Trap"[1].

For some time it's been known that both printers and scanners --especially the "combos"-- and photo copiers had some anti-forging software in them. It was also assumed that it was in PC software but nobody reported finding it. I as did a number of others assumed that this absence was because at the time way too many people would be "in the know" for it and the all important algorithms to be kept secret.

But the world has moved on in a decade or so and Windows 10 and Microsoft Office are many many megabytes in size larger, plus most computers have a DRM chip of some form "built in" on the motherboard these days along with "Management Engines" in the CPU chip sets. Thus there are way too many places for such canary trap software to be hidden away.

With various Western Governments seeking the blood of whistle blowers, if not already in place, I suspect it won't be long before canary trap software gets put everywhere in some form or another.

In the past this would not have been a problem with proper document destruction policies in place. Because if only used for energy gap crossing the paper documents would not get into circulation. The only issue would be the crossing from the security end point computer back to the communications end point computer and then outwards into the Internet. Which could be managed in various ways.

However most printers and scanners have WiFi or similar built in these days because it comes virtually for free with the SoC devices used on them. Further "inventory cost" control on FMCE production is a "one size fits all" basis, it's the final software load and a few cosmetics that makes the difference between the high end all singing and dancing "Premium" model and the lowest price "economy" model. You can still see the evolution of this on older graphics cards where they did not fit components. Now with it all on the CPU microcontroller that potential cost control measure has gone.

Thus we now have to worry not just about undesigned "emissions" that are relatively low field strength, but designed in communications at much much greater field strengths.

Which is something we can discuss in another post later. But my advice for a while now is to mitigate the issue via an entirely different route.

[1] A "Canary Trap" gets its name from the use of such small birds as a warning systems like guard dogs might growl etc. It's been suggested that the NSA developed various canary traps for printed documents up to a third of a century ago when most "personal printers" were either "dot matrix" or like certain typewriters used a changeable "print wheel" or "golf ball". It's been suggested that in reality the idea and name actually came from a well known author's books. It's also been suggested that all photo copiers and laser printers "embed" make, model and serial number into the images they print out. Whatever the origin, we do know that with the advent of high quality colour printers the "Eurion Constellation marks" were seen from the mid 1990's in bank notes. And it has been assumed that they were developed to stop people printing their own money. However there are other more subtle image artifacts at work, as Steve Murdoch of the UK's Cambridge Computer labs found back in 2003/4,

https://murdoch.is/projects/currency/

MarkH • October 30, 2019 5:23 AM

@Clive:

I learned a long time ago, that color laser printer firmware adds a visual "ID code" to each page. I thought this comical, because the output from the color laser printers I saw was ghastly. I would have been shocked if a person with normal vision could be fooled by currency reproduced using such machines ... but perhaps they work better now.

Probably photo printers would be much more suitable for attempted counterfeiting. Some of them have extremely high quality, though typical modern currencies are completely impractical to "print" on any equipment. Whether high-res photo printers also do watermarking, I don't know.

For a test, I once scanned a page from a color laser printer (probably about 2005 vintage). Though the watermark pattern was too subtle for my eye, with a little enhancement it was completely clear and obvious in the scanned image.

The concern you expressed that ANY kind of printing might get watermarked (perhaps from the PC rather than the printer itself) is startling, and gave me some pause.

I wrote firmware for a simple printer a long time ago. Sending data to it via a serial port ought to be pretty safe!

But this idea got me thinking about the old dot-matrix printers, which would be a lot more convenient than building a printer from scratch. I made a quick search: to my surprise, they are still in production, mainly because some businesses still use "multi-part forms" in which several copies are printed at once (a little like "carbon paper" from the old days).

Because they are now specialty items, dot-matrix printers have some pretty steep prices. But they might be an option for anyone who is (a) concerned about watermarked printing, and (b) has little or no need to print graphics.

MarkH • October 30, 2019 5:44 AM

@Clive again:

Oops, I just read the footnote in which you referenced dot-matrix.

Though in principle it would certainly be possible to have coded watermarking, given the crude mechanism of typical dot-matrix printers, it seems far-fetched to me that this would have been done.

I'm sure that dot-matrix printers have a lot of "personality" that can be used for fingerprinting, but this would only enable discrimination as to whether or not two documents came from the same printer; it wouldn't provide a "readout" of where the document came from.

As far as I can imagine, the only practical way to "code" an IBM Selectric (golf ball) printer would be to vary the strike velocity (and therefore, depth of impression). Again, it seems most unlikely that this was done, for a variety of practical reasons. Such coding would be badly obscured in copies of the documents.

If you want to go to great extremes, I have a very ancient electric typewriter from IBM (one of the dinosaurs I need to clear out) which I know from the manuals could be fitted with an accessory bill of materials for actuators that would enable it to be used as a computer printer. It probably pre-dates any NSA tampering :) It might be possible to find such a machine ... or much more practically, an old teletype (which were made in vast numbers up through the 1970s).

Who? • October 30, 2019 4:07 PM

@ Clive Robinson

Not according to the FBI. They have claimed that millions have been lost due to clean up and restoration.

Sure. Even if numbers are usually exaggerated by the victims, there is a tangible loss due to these incidents. It is what happened to wannacry and the national health service in UK not so long ago.

My point is (and I think that I failed to share it with the readers on this blog as a consequence of my poor English skills) that people do not see a risk (i.e. money lost) until an incident happens. People do not understand that what happens on what they call "the virtual world" is really happening in the real world and has real consequences.

To me it is not clear it can be outlined just as a game on probability. A theft or a fire have even lower probabilities to happen than an attack against a computer these days. The difference is how people perceive the former (a theft or a fire had been seen historically as a direct money lost) versus the latter (an attack against the ICT is just seen as a "nerds thing".)

Of course these "nerd things" sometimes imply huge loss due to the effects the attacks have in real world. However people tend to ignore the consequences until it is too late to remedy them.

Clive Robinson • October 30, 2019 7:39 PM

@ Who?,

However people tend to ignore the consequences until it is too late to remedy them.

History shows this to be normal for anything new, and that it can take three to five human --not ICT-- generations[1] for things to change. That is a time period of between 90 to 175 years in the First world --where ICT is most prominent-- currently and it is increasing fairly rapidly as manual waged labour becomes increasingly scarce[2] and education to around twenty five is required to enter the "information economy" at a sensible salary range.

Needless to say ICT at the personal level did not get going until the late 1970's early 80's and the "information economy" is really a creature of this century which is not yet two decades old.

So whichever way you look at it in human terms "ICT is still too young" and few who started in ICT upon graduating have made it to retirement yet. So ignorance of consequences has not really had a chance to be "educated out" yet.

My point is ... that people do not see a risk (i.e. money lost) until an incident happens. People do not understand that what happens in what they call "the virtual world" is really happening in the real world and has real consequences.

There is a secondary "availability effect" in this which has two drivers,

1, Reliability / cost.
2, Target rich environment.

Whilst computers are becoming less reliable due to "commoditization" their cost in real terms is dropping faster. Thus you can get smart devices that might just make it past 18 months life expectancy where desktops were once making it to 60 months or more, the price has dropped from 1500USD to less than 300USD. Combined this has caused people to treat smart pads and similar effectively as "consumables", thus they have low expectations of device life. Further the Internet is still a target rich environment which means the probability of your device being attacked is based more on how low it hangs in the security tree. Just turning on the OS firewall will make many attackers go and look for easier targets to attack.

So many users have seen their devices fail with a hardware fault in a year and a half, whilst turning on the default OS firewall and AV software means they probably don't see malware getting on their computer at all in that year and a half. So their expectation of an insurance payout is actually negligible.


[1] In third world nations a generation is as little as thirteen years, however in first world nations it's now considered to be thirty to thirty five years. This is based on length of time from birth to become a parent.

[2] There is a socio-economic link between where you sit in the "class structure" and when you have children. In general those in the lower or labouring working class that have no professional status have children younger in their late teens and twenties and have more children than those who have significant professional status and are at the upper or white collar middle classes, who might have only one or two children in their late thirties or early forties. This has given rise to some political think tanks saying in effect those at the bottom are out breeding those at the top and give broad hints that this is anti-Darwinian... It's not hard to work out what their actual bias in thinking is, and long ago it stopped being amusing.

BDX477L • October 30, 2019 10:58 PM

Governments will always use current ambiguous laws or even create new laws when they don't like the current ones to further their agenda. The only reason to create new laws is to rubber stamp activities that have been going on for years undetected by the general public and to cover themselves from legal problems in the future.

Notice how the encryption debate has gone from protecting people from Terrorists to Criminals and has now settled on Pedophiles because the 1st two were not working with the tech sector and the general public. It is a cynical and shallow strategy because who in their right mind would defend child molesters.

SpaceLifeForm • October 31, 2019 5:03 PM

@BDX477L

"The only reason to create new laws is to rubber stamp activities that have been going on for years undetected by the general public and to cover themselves from legal problems in the future"

Yep.

It's what I call Retro-Cover.

Been going on for a long time.

It's why Telco folk were forced out.

Note, this was 7 months before 9-11.

hxxps[:]//www.wired.com/2007/10/qwest-ceo-not-a/winamp/

"According to court documents unveiled this week, former Qwest CEO Joseph Nacchio clearly wanted to argue in court that the NSA retaliated against his company after he turned down a NSA request on February 27, 2001 that he thought was illegal."

Who? • November 1, 2019 6:52 AM

@ Clive Robinson

I see now the point and, indeed, you are right. Thanks!

I hope that, in computing, things will change in less than three to five human generations. The worst offender on this resistance to change is the automotive industry. Only recently car manufacturers started to care about security.

My hope is that ICT will do better. The first computer I used, at the age of eight, was a Univac 90/30. It was a powerful computer, a mix of vacuum tubes and first gen electronics. It was the class of computer I would like to see connected to the Internet right now. OS/3 had impressive memory, processes and devices protection. Compartmentation on this mainframe was hardware-supported and, from what I learned in the following years, very strong. At least from time to time it seems some good products rise, so we have a chance to learn from them (and sometimes even preserve them when the world moves to "technically inferior but cute technologies".)

To be honest, I am really worried about "commoditization of technology." Current lack of reliability and quality in technology is worrying, not to say the huge amount of waste we are generating. We need reliable technology again, something we can trust, something that lasts... and something simple, auditable, technology we understand again.
