Legion Troll
A fine upstanding poster
Did you want the government to have the power to break encyrption because "Muslims"?
A new draft bill in Congress will force tech companies to undermine or break their own security features and encryption anytime law enforcement asks them to.
According to the draft, any time a tech company is provided with a court order for information, they must be capable of complying with it. Either by having access to the data itself, or by helping the government find a way to get access to the data. In other words, a company can’t say “That’s impossible” and call it a day.
A tech company faced with such an order would have two options:
1. Turn over the information directly. If a company has data on their servers relevant to the court order, they would be required to hand it over to law enforcement. It must be “in an intelligible format.” This means the company must have the ability to translate encrypted data to a readable format. That would require tech companies who offer encryption to either hold the keys to decrypt the data themselves, making their customers data more vulnerable, or worse, only use encryption that the company itself could break, making the encryption effectively worthless.
2. Help law enforcement get access to the information. If a company doesn’t have the data stored somewhere, it would have to provide “technical assistance as is necessary” in order to help the government get access to the data. In other words, tech companies would be forced to throw their weight into investigative forensics until the government decided the job was done. Notably, there is no limitation in this bill on just how much effort the government can demand from a company. There is, however, a provision stated they will be “compensated” for any costs incurred by providing technical assistance.
Using the San Bernardino case as an example, under this new law Apple would’ve been required to gain access to Farook’s iPhone, since it was the subject of a court order, regardless of how much Apple felt it could damage their business or their customers’ security. However, somewhat confusingly, it very deliberately doesn’t say how Apple must accomplish this.
One section of the law reads as follows: Nothing in this Act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity.
In other words, the FBI can’t come to Apple with a demand for a specific software feature that would get around a phone’s encryption (which they did, in the San Bernardino case). Instead, it simply mandates that Apple must do this somehow. It also says that Apple’s job wouldn’t be done until the government decided it was done.
http://lifehacker.com/what-you-should-know-about-congresss-latest-attempt-to-1770468594
A new draft bill in Congress will force tech companies to undermine or break their own security features and encryption anytime law enforcement asks them to.
According to the draft, any time a tech company is provided with a court order for information, they must be capable of complying with it. Either by having access to the data itself, or by helping the government find a way to get access to the data. In other words, a company can’t say “That’s impossible” and call it a day.
A tech company faced with such an order would have two options:
1. Turn over the information directly. If a company has data on their servers relevant to the court order, they would be required to hand it over to law enforcement. It must be “in an intelligible format.” This means the company must have the ability to translate encrypted data to a readable format. That would require tech companies who offer encryption to either hold the keys to decrypt the data themselves, making their customers data more vulnerable, or worse, only use encryption that the company itself could break, making the encryption effectively worthless.
2. Help law enforcement get access to the information. If a company doesn’t have the data stored somewhere, it would have to provide “technical assistance as is necessary” in order to help the government get access to the data. In other words, tech companies would be forced to throw their weight into investigative forensics until the government decided the job was done. Notably, there is no limitation in this bill on just how much effort the government can demand from a company. There is, however, a provision stated they will be “compensated” for any costs incurred by providing technical assistance.
Using the San Bernardino case as an example, under this new law Apple would’ve been required to gain access to Farook’s iPhone, since it was the subject of a court order, regardless of how much Apple felt it could damage their business or their customers’ security. However, somewhat confusingly, it very deliberately doesn’t say how Apple must accomplish this.
One section of the law reads as follows: Nothing in this Act may be construed to authorize any government officer to require or prohibit any specific design or operating system to be adopted by any covered entity.
In other words, the FBI can’t come to Apple with a demand for a specific software feature that would get around a phone’s encryption (which they did, in the San Bernardino case). Instead, it simply mandates that Apple must do this somehow. It also says that Apple’s job wouldn’t be done until the government decided it was done.
http://lifehacker.com/what-you-should-know-about-congresss-latest-attempt-to-1770468594