Recent Paris attacks have raised the debate around encryption, law enforcement and intelligence agencies sustain that the encryption is defeating them to prevent terrorist activities.
Of course the question is instrumentalized by politicians and media, at a Senate hearing on Wednesday, the FBI’s Director James Comey called for tech companies currently providing users with end-to-end encryption to review “their business model” and stop implementing it.
The end-to-end encryption allows users to communicate securely on the internet making impossible for law enforcement to eavesdrop the traffic.
In the End-to-end Encryption model data is encrypted on the sender’s system before passing it to the servers of the service provider, which turn the encrypted data to the intended recipient, who is the only entity who can decrypt it.
The implementation of end-to-end encryption is the response of many companies and web service providers to the disconcerting revelations of the NSA whistleblower Edward Snowden about mass surveillance operated by the US Government.
“FBI Director James Comey on Wednesday called for tech companies currently offering end-to-end encryption to reconsider their business model, and instead adopt encryption techniques that allow them to intercept and turn over communications to law enforcement when necessary.” reported the The Intercept.
“Comey had previously argued that tech companies could somehow come up with a “solution” that allowed for government access but didn’t weaken security. Tech experts called this a “magic pony” and mocked him for his naivete.”
In the past, the FBI’s Director James Comey already requested IT giants to insert a backdoor in their product to allow law enforcement to decrypt data, but the reply of the companies was negative.
The US authorities have been pressuring companies like Apple and Google in public hearings to provide law enforcement access to decrypted communications whenever there’s a lawful request.
Now the FBI’s Director is suggesting to implement encryption techniques that could help authorities to defeat the end-to-end encryption used to secure the communications.
“The government doesn’t want a backdoor, but [it] hopes to get to a place where if a judge issues an order, the company figures out how to supply that information to the judge and figures out on its own the best way to do that,” said Comey. “It is a business model question,” he said. “The question we have to ask is: Should they change their business model?”
However, Comey is asking for the IT firms to be compliant with court orders by choosing the appropriate technology.
“There are plenty of companies today that provide secure services to their customers and still comply with court orders,” he said. “There are plenty of folks who make good phones who are able to unlock them in response to a court order. In fact, the makers of phones that today can’t be unlocked, a year ago they could be unlocked.”
For the first time, the FBI Director made a specific allegation about encryption having defeated the FBI investigation. He cited the terrorist attack in Garland, Texas.
“In May, when two terrorists attempted to kill a whole lot of people in Garland, Texas, and were stopped by the action of great local law enforcement … that morning, before one of those terrorists left to try to commit mass murder, he exchanged 109 messages with an overseas terrorist. We have no idea what he said, because those messages were encrypted.” “That is a big problem,” Comey said.
It is not clear what kind of technology Comey wants IT companies to implement, anyway the FBI is continuing it crusade against online encryption.
(Security Affairs – Encryption, FBI)
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
This website uses cookies.