[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cryptography] Justice Dept. Revives Push to Mandate a Way to Unlock Phones
- From: Nico Williams <nico AT cryptonector.com>
- Subject: Re: [Cryptography] Justice Dept. Revives Push to Mandate a Way to Unlock Phones
- Date: Mon, 26 Mar 2018 23:09:14 -0500
- Arc-authentication-results: i=1; mx.google.com; dkim=neutral (body hash did not verify) email@example.com header.s=cryptonector.com header.b=ce1+CRIS; spf=pass (google.com: best guess record for domain of cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com designates 2001:470:30:84:e276:63ff:fe62:3500 as permitted sender) smtp.mailfrom=cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:cc:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:to:from:date:dkim-signature :delivered-to:arc-authentication-results; bh=SGRcrNHqy5hCKIGiKiyNMcWmPrV+ySAJ9ecG4lRgsxA=; b=WqlCoLpkyMSR9cfgGalzhl/f7B9NhVldQIB95RXDRicAvR6JfMWQogbjeNCePG3rxI gwUIP/33kYZXjrSHcyweM+ZcNqWs3d7T08meLsSowcqhwEbOqjRGAwamTnPTsGF7ONPy Im7PUM+Ht01hQLNDvgiOxPCDz91QJ6pXhj47Wo36qY89Br0XTtOK3QtcRDQqzrGzGvyW wTy9AG1pSxseRGu0k0bftZvid5ldBUMuP717cKOb/FzZCtdjUyrC2nCxtTRjLzGzbkhj vUFyf8VGOoM3EajZ/iz7DKGOHSvWY23JgQOFfTqBW5/fbgEH3kZHcNbPMO+ekKyVUdPR 24xg==
- Arc-seal: i=1; a=rsa-sha256; t=1522124161; cv=none; d=google.com; s=arc-20160816; b=Olcq02wO9gwkQXPrhMOnEbTGqnHUTPem3Y198obzfEba+UoYVi0rWZRlLnCZvWwnzz DI5pnETTNdq1zNnvxNQl4vy10UOfL6C+J/qEImA0XvcjvZoME4WLVrAl9cwvvMcCq3Mj nlkp9drevfEzKJpiEkdPl6HdeN6Wlw4QbQL99TI/TLtcZ9JODqKefdtPAqzf26ODfye/ lrWL0wf/HsVe4ZbqSHa+4YxCN8jue17L/TcDXilVIwaWXAkaDjaNLFkD4O3SSi4Thybh IrJdRNy1yrQ+tenr1wFGsNrqbURKem+pzJit10Ol5r+V8BLVHrEBT6Ivp+WysuVg2eLD Hehg==
- Cc: cryptography AT metzdowd.com
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: jamesd AT echeque.com
On Tue, Mar 27, 2018 at 03:49:10AM +1000, jamesd AT echeque.com wrote:
> On 3/26/2018 1:22 PM, Nico Williams wrote:
> >There is no crypto that beats rubber hose cryptanalysis. This extends
> >to all technology.
> Stego beats rubber hose.
It does not. If you're found to have steganographic software then it's
a reasonable inference that you are *using* it, and it's all downhill
This debate comes up periodically on this list. Let's not retread.
Law enforcement types don't care that you think you're being clever.
Neither do judges. Neither do legislators. These are political
problems, not technical. There are no technical solutions to political
problems -- the state is armed with more guns and law enforcement and
soldiers than you could ever hope to counter in anything other than the
most widespread popular revolt.
Everyone in this field ought to know all of this by now.
If you object to the CLOUD Act or anything like it, you have to
participate in the political process. Perhaps, if you're a brilliant
lawyer or have a brilliant lawyer, and if the Supreme Court is amenable,
and if you have time and money to spend on it, you might prevail in
court, but I doubt this. The same goes for just about every western
country (though often it's worse elsewhere than the U.S. for lack of a
Bill of Rights).
> Minimize use of cleartext headers so that they will not know where to apply
> the rubber hose.
That is exceedingly hard to do, if not impossible other than by
"dropping off the grid". Everything we do leaks enormous amounts of
metadata. Metadata is all law enforcement really needs (if only they
understood this). All of your messaging and web browsing, really, all
of your online activity, and most of your off-line activity (through
electronic payments) -- all of this leaks all the metadata needed to
know where to apply the rubber hose. Unless you're willing to dispense
with all the amenities of modern life (few are), you leak metadata.
The cryptography mailing list
cryptography AT metzdowd.com