The Government Wants A Backdoor Into Your Online Communications

For those who are skeptical about these conspiracy theories, I've tried to explain why large vendors accede in a previous post and got great skeptical questions: <a href="https://news.ycombinator.com/item?id=5706695" rel="nofollow">https://news.ycombinator.com/item?id=5706695</a><p>tl;dr -- Most large public services you use (Skype, Exchange, likely Gmail, etc) have backdoors.<p>Large vendors believe they have to respond to subpoenas or face public obstruction or co-conspiracy charges. As a result, they place these backdoors to avoid the PR or believe they are required to play by the US govt's rules. They may not be realtime backdoors, and they may require a bunch of processing, but it is possible to read most messages sent through large, popular systems (both voice and text like email, sms, chat). I think everyone is waiting for a major court ruling or congressional bill to clarify what's what.<p>snippet of previous post to explain the vendor's mentality:<p>&#62; The govt comes by with a subpoena (secret, classified, or public) and requires Microsoft or the customer company to produce communication records that exist in a form that may be used as evidence. Failure to do so is best contempt of court and worst obstruction of justice. No 5th amendment privilege for other people's crimes [and prior to last year's ruling, it was assumed that passwords (or private keys) could be compelled for <i>any</i> reason in the US, and systems were built with that assumption]. So everyone who chooses to store or process messages makes it so the encryption is reversible and they can honor court requests. Nothing is private as a result.<p>&#62; There is not yet a way to build a messaging service that has both features [content-aware features like URL detection, spell-checkers, web browsing for dumb clients, targeted ads to fund free services, etc] AND [pure] privacy [in the US].

Boiling frog. As long as digital freedoms remain unlegislated, government will circumscribe ever-shrinking boundaries with and without the help of industry. It will continue forever until and unless the freedoms are enshrined into law.

Backdooring major services may lead to the mass adoption of encrypted systems. Not immediately, of course, but after the leaks start. Who'd use a backdoored Google Drive for proprietary information when they could use SpiderOak?<p>Can't stop the signal, Mal.

Open-source end-to-end encrypted communications. Using it is not rocket science. You should not trust legislation and goodwill of service providers for your privacy. Take the power to your own hands.

Could some hackers please hack the police wiretapping systems already in place the government doesn't seem to understand the threat to our security and anonymity this poses without a demonstration.<p>No system is completely secure including the wiretapping system which introduces one point of failure not to mention incredible power for a not so benevolent dictator.<p>If Hitler were alive today we would all be screwed by now so how long do you reckon it would take for another man like him to rise to power? I would give it maybe 5 generation and I'm being generous here. Given how China is behaving right now drunk on power i don't think we're going to have to wait that long.

Do there yet exist tutorials that the average Joe can follow for PGP/GnuPG?

I agree crypto on personal and business communication by default would be great, but it won't do much to truly protect the data from national security.<p>If using NSA approved crypto they'd love that such as RSA.<p>It's newer algorithms like PGP in the 90's that actually protect (or did) or extreme military grade encryption. Trapdoors and algos that can be broken by the NSA are more preferred and don't get the Zimmerman treatment because of that. If I were the NSA I'd do the same thing, it is their job.<p>There really is no way to fully encrypt that isn't undoable by the NSA. As long as it is only the NSA and not some other competitor spying on business ideas and private communications. Trapdoors for national security are typically in the software or a known flaw that makes it easier to decrypt and recover this information, obtain keys or enter the system to trigger and get the needed information to reverse. There are ways to trigger these modes within the software, software to be used by the NSA has to be approved by them. There is a reason you are subject to all sorts of scrutiny if you don't use approved algos/software wherever you do encryption/decryption (even when you upload a new app you are asked this and can cause problems if you aren't using the system crypto libraries).<p><a href="http://www.rsa.com/rsalabs/node.asp?id=2188" rel="nofollow">http://www.rsa.com/rsalabs/node.asp?id=2188</a> <a href="http://www.rsa.com/rsalabs/node.asp?id=2240" rel="nofollow">http://www.rsa.com/rsalabs/node.asp?id=2240</a><p>If you want to test this, simply make your own crypto lib and send some comms to a bad place in current geopolitics (I don't recommend it). Soon you will get a visit from the FBI and you may get the Phil Zimmerman treatment. Again, can't fault them, it is their job, but understand nothing is truly secure from national security. Yes it might be impossible for other businesses to read it or individuals but not the organization that employs the greatest cryptographers of all time.

You know, part of me wants this to happen. It will force a lot of high profile technology companies (and spawn new ones) to adopt end to end asymmetric encryption. Of course, this is idealistic, but there could be some good to be gleaned from it.

I actually feel much worse with the fact that large corporations with no oversight, who knows what kind of security, no counter-intelligence and little if any background checks on employees, have a front-door entrance to my data. Think about this: how hard would it be for a crime organization to put some Google employees on their payroll and use them to get personal information on just about anyone. How hard would it be for them to threaten a Google employee to provide them with information? So now the government wants in? Join the party.<p>I'd actually be happy, though, if the government put in place some/more regulation on companies that collect so much personal data.

This is why we should use Bitmessage.<p><a href="https://bitmessage.org/" rel="nofollow">https://bitmessage.org/</a><p>PPA for Ubuntu or Debian:<p><a href="https://launchpad.net/~fuzzgun/+archive/pybitmessage" rel="nofollow">https://launchpad.net/~fuzzgun/+archive/pybitmessage</a>

Encryption is hard to implement right, but by its nature, it can be implemented at the ends, outside of the transmission network.<p>Ironically, one of the groups working hardest to enable and promote end-to-end secure communications technology is NIST, ie, "the Government."

Given that the Government has already back-doors in nearly all of your communication. How would they utilize it? What would their benefit be?<p>That's nothing but Psychopathic behavior!! Someone wanting to know everything about you, just because there could something be that could harm you, or there could something be that you could use to profit from. That's sick!<p>You put 99,9% of the population into quarantine, because 0,01% is infected, thus harming all.<p>Then there is this obsession of some even more psychopathic citizens that act as a voluntary traitor, just to get attention. Remember the volunteers who helped to reveal the identities of demonstrators in the UK.<p>When I see an IT-Expert, I won't ask him to fix my computer just because he can, but people do. They don't care about the time and effort someone has to offer for you for free. They require it, because they believe they can require it. IT-Experts usually don't have high self-esteem which allows many people to put knives into the backs of those IT-Experts. That's the same egoism that the Government has, it believes to stand above the human rights.<p>Well it's sad, but in the US you've given up on privacy more or less, because everybody thinks about his own profit and not being willing to share a dime of your profit, even in theory, allows politicians to reform the law into something stinky. But politicians profit from doing that, because the suggest stinky compromises. Someone has to break this cycle. If I said that in an uneducated channel, people would say: "stupid communist" or something. But in reality I believe that people should just be friendlier to each other. Why is that so hard to understand. :( This makes me truly sad.<p>I live in a world where I have to use simpler and simples words, just because my surrounding doesn't understand common words anymore. The overall IQ is getting lower and lower, so low that I cannot use metaphors, sarcasm, irony and even folk wisdom anymore, because people are completely unaware of them. Knowing that these people would accept this law, because they don't care, don't read, don't think on their own is sad. People don't start thinking on their own, they agree on others or more popular people say, as if this was fully acceptable and logical. I am so happy when I hear about services like <a href="http://udacity.com" rel="nofollow">http://udacity.com</a> because I hope the next generation won't dumb down like this generation. Way too many children fail at school, way too many pupil don't get higher education. The gap is becoming greater, your heritage becomes your identity.<p>Orwell laid it out dangerously obvious in his novel. Most of it got real. Let's hope that the day "Lies" become "Truth" never arrives.<p>We blame China, while we export the technology for it. We blame China while we implement that censoring infrastructure into our own Governments.<p>Hypocrites.