The FBI continues its crusade against the encryption

Recent Paris attacks have raised the debate around encryption, US authorities sustain that the encryption interferes with their investigation.

Recent Paris attacks have raised the debate around encryption, law enforcement and intelligence agencies sustain that the encryption is defeating them to prevent terrorist activities.

Of course the question is instrumentalized by politicians and media, at a Senate hearing on Wednesday, the FBI’s Director James Comey called for tech companies currently providing users with end-to-end encryption to review “their business model” and stop implementing it.

The end-to-end encryption allows users to communicate securely on the internet making impossible for law enforcement to eavesdrop the traffic.

In the End-to-end Encryption model data is encrypted on the sender’s system before passing it to the servers of the service provider, which turn the encrypted data to the intended recipient, who is the only entity who can decrypt it.

The implementation of end-to-end encryption is the response of many companies and web service providers to the disconcerting revelations of the NSA whistleblower Edward Snowden about mass surveillance operated by the US Government.

“FBI Director James Comey on Wednesday called for tech companies currently offering end-to-end encryption to reconsider their business model, and instead adopt encryption techniques that allow them to intercept and turn over communications to law enforcement when necessary.” reported the The Intercept.

“Comey had previously argued that tech companies could somehow come up with a “solution” that allowed for government access but didn’t weaken security. Tech experts called this a “magic pony” and mocked him for his naivete.”

In the past, the FBI’s Director James Comey already requested IT giants to insert a backdoor in their product to allow law enforcement to decrypt data, but the reply of the companies was negative.

The US authorities have been pressuring companies like Apple and Google in public hearings to provide law enforcement access to decrypted communications whenever there’s a lawful request.

Now the FBI’s Director is suggesting to implement encryption techniques that could help authorities to defeat the end-to-end encryption used to secure the communications.

 “The government doesn’t want a backdoor, but [it] hopes to get to a place where if a judge issues an order, the company figures out how to supply that information to the judge and figures out on its own the best way to do that,” said Comey. “It is a business model question,” he said. “The question we have to ask is: Should they change their business model?”

However, Comey is asking for the IT firms to be compliant with court orders by choosing the appropriate technology.

“There are plenty of companies today that provide secure services to their customers and still comply with court orders,” he said. “There are plenty of folks who make good phones who are able to unlock them in response to a court order. In fact, the makers of phones that today can’t be unlocked, a year ago they could be unlocked.”

For the first time, the FBI Director made a specific allegation about encryption having defeated the FBI investigation. He cited the terrorist attack in Garland, Texas.

“In May, when two terrorists attempted to kill a whole lot of people in Garland, Texas, and were stopped by the action of great local law enforcement … that morning, before one of those terrorists left to try to commit mass murder, he exchanged 109 messages with an overseas terrorist. We have no idea what he said, because those messages were encrypted.” “That is a big problem,” Comey said.

It is not clear what kind of technology Comey wants IT companies to implement, anyway the FBI is continuing it crusade against online encryption.

Pierluigi Paganini

(Security Affairs – Encryption, FBI)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

11 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

18 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.