From his perspective as the head of the FBI whose job it is to achieve outcomes within the law, of course Comey advocates encryption backdoors. He would likely also advocate allowing the FBI to suspend the bill of rights for any suspect during the duration of an investigation, and he'd quite likely prefer that the FBI be legally allowed to torture suspects if extreme techniques were viewed as likely to result in useful information. To law enforcement, the rights of a suspect are a barrier to many convictions.<p>How did we get to this point? Nobody would reasonably argue that extreme surveillance measures, patriot act, etc., is necessary to stop the vast majority of crimes from occurring, so why is it so easy for seemingly serious/intelligent people to think this nonsense is reasonable?<p>Members of our government are so indoctrinated about stopping "terrorism" that they have lost all sense of perspective. Terrorism is a political word to describe political enemies of the state, yet the patriot act and surveillance machinery has been used in enforcement of many other kinds of (less serious) crime.<p>I am surprised anyone can still use the word "terrorism" with a straight face anymore after it's become so clear that there is no large existential threat (merely the occasional zealot who acts out due to his/her own mental health issues). And in spite of a historically unprecedented global surveillance system there have been no attacks thwarted.<p>Comey is a symptom of the kind of cowardly, authority-respecting society we've become. I look forward to the day when our FBI director is not someone whose gaffes and judgment calls we read about in the newspaper on a regular basis.
I'm confused about this. I'm hurried at the moment, but this seems to a bill that orders tech companies to provide a solution to encryption without having a backdoor?<p>Isn't this like legislating a violation of mathematics or something?
So, the NSA and the CIA were recently hacked, yet these numbskulls think we can create a system that will only be accessed by "the good guys" How many hacks, leaks etc will it take for them to understand that if this passes, that will be the end of online security?<p>New Rule: If you want to propose cybersecurity legislation, you need to pass the fizz buzz test.
<i>> "What nobody wants to have happen is something terrible happen in the United States and it be connected to our inability to access information with lawful authority."</i><p>But they're not asking for that. They're asking for the ability to force companies to grant them access to information <i>without</i> something terrible happening.<p>The only way you could <i>prevent</i> something terrible happening, and have that <i>prevention</i> be "connected to [their] ability to access information with lawful authority", is to have the ability to inspect private data. And the only reasonable way they would do that is to do it <i>surreptitiously</i>.<p>They could try just asking the user to unlock their iPhone, or demand it with a court order (where I assume they can plead the 5th), but either would tip the suspect off. So they have to do it without the user's knowledge. And the only way to do that is if the company has a backdoor, or makes it so incredibly insecure as to no longer guarantee privacy at all.<p>The only logical way to give the FBI what it wants is to compromise user privacy.<p><i>> During the session, Comey also made repeat plays for expanding the scope of national security letters (NSL) — arguing that these administrative subpoenas were always intended to be able to acquire information from internet companies, not just from telcos.</i><p>The FBI claims that they would always get permission from a judge for invading user privacy. In the next breath, they want to expand NSLs, which is invading user privacy without requiring a judge's approval.<p>Both Lavabit and Silent Circle have had to close down their businesses after Lavabit was unreasonably demanded by the government (in a gag-ordered search warrant) to give up its private TLS keys, exposing all its users' privacy. But no law enforcement agency gives a shit about privacy; only secrecy.
Unbelievable. Just happened to see a clip today (<a href="https://goo.gl/F9XeQU" rel="nofollow">https://goo.gl/F9XeQU</a>) where Feinstein was "grilling" Comey about announcing the investigation into Clinton right before the election.<p>When Feinstein totally let him off the hook I was floored?!? He interfered worse than the Russians - how does he still have a job?<p>Ahh, she wants his support for the decrypt bill. I'll never understand why the Democrats have zero interest in protecting personal privacy.
“I don’t think Congress intended that distinction but what it does do us is in our most important investigations it requires us that if we want to find out the subscriber info to a particular email to go and get an order from a federal judge in Washington as part of the FISA court. An incredibly long and difficult process. And I’m worried about that slowing us down — and I’m also worried about it being a disincentive for our investigators to do it at all.”<p>Hurdles to protect privacy are important. If it's not an arduous process we have a problem.
> saying such legislation would be “better from a public safety perspective”<p>According to whom, we the people or a bunch of authoritarians who'd like to be able to access every nook and cranny of our personal lives?
Would it be okay to mandate spy microphones in all cars, spy cameras in all rooms, and make it illegal to remove or disable them, as long as only the 'good guys', with a warrant, could access the info?<p>What if doing this would save N people/year from terrorist attacks?<p>What other rights should we sacrifice for a 'safer' society? Surely we shouldn't let terrorist recruit people, so there goes free speech. We also shouldn't let them gather together to plot their wicked plots, so there goes freedom of association. And if we could bar people at risk of committing terrorist acts, from vulnerable locations, such as subways, airports, parks with a lot of people in them, well, I'm sure that would save a few lives too.
Putting in backdoors is sure fire way to kill US based mobile phone producers. Criminals will just use foreign produced phones and only way to counteract that is to outlaw those phones. Can't wait till they criminalize having certain firmware on your phones.
> We all love privacy, we all care about public safety and none of us want backdoors — we don’t want access to devices built in in some way. What we want to work with the manufacturers on is to figure out how can we accommodate both interests in a sensible way<p>How is this possibly reconcilable?
Diane Feinstein is old and needs to retire. She is completely out of touch with the needs of her constituency, and comes off more like an old guard republican rather then a democrat that she is supposed to be.
geeeez, how long is Cali going to foist Feinstein on the rest of the country. The level of idiocy is just beyond painful...<p>Edit to add: of course the same could be said about the remaining 49 states and their reps/sens as well...
I don't know why California Democrats elected Diane in the first place. Were there not any real liberals in California to choose from preferably with some expertise in Californias most valuable export?
I was watching the hearing during lunch, had to attend to work meetings, and then saw this article which is what spurred me to post my open letter to Congress tonight and share it here on HN at <a href="https://news.ycombinator.com/item?id=14261423" rel="nofollow">https://news.ycombinator.com/item?id=14261423</a>. We have to get this information out there in a format that Congress and our non-techie friends and family understand.
Law enforcement is tasked with putting people in jail, not so much preventing future abuses of bad laws by governments. This is why checks and balances must be maintained, for when all you have is a hammer everything looks like a nail.
"The high profile court battle ultimately ended after the FBI paid a third party company to gain access to the device via an exploit in the security system."<p>Why isn't this an acceptable solution?
Can someone call out these alleged encryption back doors for what they are? Junk science.<p>If Apple and Google aren't legally able to build as secure as devices & infrastructure as possible, the DOJ, FBI, NSA, and CIA sure as hell won't be secure. Merry Christmas to Assange.
> We have to figure out a way to optimize those two things: privacy and public safety.<p>Given how safe the public is, you'd think that this would mean "we need to focus on privacy". That is the <i>public</i>'s priority. The FBI, whose mandate is abviously <i>not</i> to protect the <i>privacy</i> of citizens, is obviously going to advocate for the <i>public safety</i>, or more specifically his organization's degree of visible success in ensuring it.<p>Obviously the director of the FBI is not who you should be asking for a balanced recommendation regarding safety and privacy.
Is there any good information on what has been accomplished through such access etc ?<p>What have they stopped using such methods? I think if they wanted to get anything like this moving forward they need to show results. Not too many trust the government these days.<p>I do not like the idea of "backdoors" but I can see realistic need for such things. I think many are against such things "until" some massive WMD type attack then the tune will change.
There is another big problem with mandatory decryption laws.<p>If someone want to incriminate you, they don't need to plant a file with child porn anymore: they just need to plant a file composed of random bytes and acuse you of having encrypted child porn there.<p>Now good luck providing the court an encryption key that does not exist.
Your device has private data on it. Who has <i>final</i> say on whether someone can access it?<p>- Option 1: you
- Option 2: somebody else<p>Those are the only two options.<p>Option 1 protects people from criminals and tyrants, but impedes law enforcement.<p>Option 2 enables law enforcement but makes people vulnerable to criminals and tyrants.<p>Any suggestion that we can get the best of both worlds is confused or disingenuous. We have to choose.<p>Do you get final say on who can access your device's data, or does somebody else?
If you're wondering how it got to this point I'd like to remind you that you (If you live in the US) don't own this country. The people in charge don't care about you. They care about money, power, and stability of their system. It's hopeless to resist because they own your home, your bank account, and all your money. The only way we'll ever change it is getting scientists, nerds, and engineers into congress. I don't know how we'll do it but we have to do it to ensure freedom for everyone in the USA.
Ridiculous. When will these numbskulls understand that you can't regulate people's use of encodings? It's right there in human language. You can't force everyone to use the same one.
I still don't understand. They want to be able to have a court order a device maker to decrypt data, but today they can already get a court to order the device owner to decrypt it. The device owner actually has the password or key. The truth is that they want to do this without the device owner knowing it's being done.