It seems to be unclear what the implications are on bitcoin or other cryptocurrencies (perhaps desktop wallets could be affected?), but if it does happen, then will have huge implications on privacy and just security of data in general.
It'll be interesting to see what the tech companies respond with when they well know that it's going to be a huge breach of privacy principles, and will essentially potentially allow hackers to use the same backdoors to breach into systems.
Obviously, if these companies do not respond positively to these requests, it's going to cost them dearly as governments may sanction them for their actions. You're right about having more of this in the news, not many people understand the immenseness of this backdoor situation, if it was ever to come into fruition.
Topic: Governments Call on Tech Giants to Build Encryption Backdoors -- Or Else (Read 302 times)
September 11, 2018, 07:38:41 PM
September 06, 2018, 01:24:04 AM
The tech giants are against this though right? I remember the issue with FBI planning to sue Apple because they refused to help them unlock some shooter's phone. The FBI ended up not suing because they apparently found a third party that unlocked the phone for them. Google also issued a statement condemning the push for backdoors I believe.
This is concerning though, and I hope whichever companies comply with this get exposed somehow.
I don't think this affects crypto very much as it's targeted towards surveillance, not necessarily for breaking into devices. People should be safe for as long as they don't share private keys over messaging software even if hackers somehow exploit these backdoors.
This is concerning though, and I hope whichever companies comply with this get exposed somehow.
I don't think this affects crypto very much as it's targeted towards surveillance, not necessarily for breaking into devices. People should be safe for as long as they don't share private keys over messaging software even if hackers somehow exploit these backdoors.
Some of my back up data are sent via messaging apps. If someone hacks those files I am doomed. I was just thinking to scatter it to the internet where I and my family could open it. I will certainly delete those files, and just use a bunch of pieces of papers to write it down and put it in safe keeping. What are the governments thinking these days, they are merely making lots of ways to stop crypto from being bigger.
September 05, 2018, 11:25:31 PM
Quote
A pact of five nation states dedicated to a global “collect it all” surveillance mission has issued a memo calling on their governments to demand tech companies build backdoor access to their users’ encrypted data — or face measures to force companies to comply.
The international pact — the US, UK, Canada, Australia and New Zealand, known as the so-called “Five Eyes” group of nations — quietly issued the memo last week demanding that providers “create customized solutions, tailored to their individual system architectures that are capable of meeting lawful access requirements.”
This kind of backdoor access would allow each government access to encrypted call and message data on their citizens. If the companies don’t voluntarily allow access, the nations threatened to push through new legislation that would compel their help.
“Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions,” read the memo, issued by the Australian government on behalf of the pact.
It’s the latest move in an ongoing aggression by the group of governments, which met in Australia last week.
The Five Eyes pact was born to collect and share intelligence across the five countries, using each nations’ diplomatic power and strategic locations as chokepoints to gather the rest of the world’s communications.
Since the Edward Snowden disclosures in 2013, tech companies have doubled down on their efforts to shut out government’s lawful access to data with encryption. By using end-to-end encryption — where the data is scrambled from one device to another — even the tech companies can’t read their users’ messages.
Without access, law enforcement has extensively lobbied against companies using end-to-end encryption, claiming it hinders criminal investigations.
Security researchers and other critics of encryption backdoors have long said there’s no mathematical or workable way to create a “secure backdoor” that isn’t also susceptible to attack by hackers, and widely derided any backdoor effort.
In 2016, rhetoric turned to action when the FBI launched a lawsuit to force Apple to force the company to build a tool to bypass the encryption in an iPhone used by the San Bernardino shooter, who killed 14 people in a terrorist attack months earlier.
The FBI dropped the case after it found hackers able to break into the phone.
But last month, the US government renewed its effort to set legal precedent by targeting Facebook Messenger’s end-to-end encryption. The case, filed under sealed, aims to break the encryption on the messaging app to wiretap conversations on suspected criminals.
It’s not the first time the Five Eyes nations have called for encryption backdoors. An Australian government memo last year called for action against unbreakable encryption.
Although the UK’s more recent intelligence laws have been interpreted as allowing the government to compel companies to break their own encryption, wider legal efforts across the other member states have failed to pass.
https://techcrunch.com/2018/09/03/five-eyes-governments-call-on-tech-giants-to-build-encryption-backdoors-or-else/
The international pact — the US, UK, Canada, Australia and New Zealand, known as the so-called “Five Eyes” group of nations — quietly issued the memo last week demanding that providers “create customized solutions, tailored to their individual system architectures that are capable of meeting lawful access requirements.”
This kind of backdoor access would allow each government access to encrypted call and message data on their citizens. If the companies don’t voluntarily allow access, the nations threatened to push through new legislation that would compel their help.
“Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions,” read the memo, issued by the Australian government on behalf of the pact.
It’s the latest move in an ongoing aggression by the group of governments, which met in Australia last week.
The Five Eyes pact was born to collect and share intelligence across the five countries, using each nations’ diplomatic power and strategic locations as chokepoints to gather the rest of the world’s communications.
Since the Edward Snowden disclosures in 2013, tech companies have doubled down on their efforts to shut out government’s lawful access to data with encryption. By using end-to-end encryption — where the data is scrambled from one device to another — even the tech companies can’t read their users’ messages.
Without access, law enforcement has extensively lobbied against companies using end-to-end encryption, claiming it hinders criminal investigations.
Security researchers and other critics of encryption backdoors have long said there’s no mathematical or workable way to create a “secure backdoor” that isn’t also susceptible to attack by hackers, and widely derided any backdoor effort.
In 2016, rhetoric turned to action when the FBI launched a lawsuit to force Apple to force the company to build a tool to bypass the encryption in an iPhone used by the San Bernardino shooter, who killed 14 people in a terrorist attack months earlier.
The FBI dropped the case after it found hackers able to break into the phone.
But last month, the US government renewed its effort to set legal precedent by targeting Facebook Messenger’s end-to-end encryption. The case, filed under sealed, aims to break the encryption on the messaging app to wiretap conversations on suspected criminals.
It’s not the first time the Five Eyes nations have called for encryption backdoors. An Australian government memo last year called for action against unbreakable encryption.
Although the UK’s more recent intelligence laws have been interpreted as allowing the government to compel companies to break their own encryption, wider legal efforts across the other member states have failed to pass.
https://techcrunch.com/2018/09/03/five-eyes-governments-call-on-tech-giants-to-build-encryption-backdoors-or-else/
....
This is the type of news story which could definitely benefit from greater exposure.
I'm not certain if crypto currencies will be affected by these political agendas aimed at weakening encryption standards. If financial institutions have been targeted by this political movement, its not something that has been publicized much.
Such anti encryption measures could weaken security measures on smart phones, desktops, laptops and other hardware utilized to conduct financial transactions or conduct business. Although crypto currencies may not be directly targeted by this, it is possible thieves and criminals could utilize the type of backdoors governments demand to steal bitcoins and other electronic tokens.
There could be cause for concern over these measures.
thats it, goodbye anonymity, these acts of the govt will destroy the very essence of anonymity in bitcoin, that is why bitcoin was embraced by the people , because common people are sick and tired of being monopolized by any govt who suppress their financial freedom, and rights to earn and control their own money, if ever this will happen and comes to reality, which obviously any govt can, will bring us back to being monopolized, and enjoying our individual freedom on our money. not all people in bitcoin who took advantage of the anonymity are engaged in lawlessness, most users are here to earn and saved from being a milking cow by their own economy.
September 05, 2018, 09:56:15 PM
There is no such thing as a "secure backdoor". If you put a backdoor in a product, it will be found and it will be exploited.
In addition, as soon as you put a backdoor in the product, the very people you are trying to monitor will simply move to another product. What are you going to do, ban all programs except government built ones? Ban programmers?
In addition, as soon as you put a backdoor in the product, the very people you are trying to monitor will simply move to another product. What are you going to do, ban all programs except government built ones? Ban programmers?
How about the whole Intel security "flaw"? The best engineers in the world haven't been able to know about it until it was thrown into the public.
The main point isn't will we be flooded with software and hardware containing backdoors, but more so what backdoors are we currently overlooking? I'm pretty certain there is plenty of more that could potentially be exploited in the software and hardware that we're using right now. We'll only find out when it's too late. We rely on others as non tech geeks to point us at these flaws, because we in no shape or form will be able to spot any ourselves.
It's basically the same with people blatantly downloading crypto wallets. Have they checked the code? Nope. Do they know that the private keys these clients generate might not be that random at all? Nope.
September 05, 2018, 09:23:15 PM
End-to-end encryption would be the obvious resolution to this. In the meantime, decentralized internets will be coming out in droves and let's just hope that one of them is half decent and we can avoid all of this crap (mostly).
September 05, 2018, 05:44:27 PM
Nothing about government cracking Internet security bothers me anymore.
I've decided not to build my life (and my kids lives) on the Internet. They say the "evolving" ones will leave people like us behind... am not bothered by that at all .
There is nothing free about the WEB (Spider-Web?)/Internet (Net for Fishes). We will instead build and use alternatives that are totally decentralized or free from central control.
Won't be surprised if they already have secret agencies (unknown to even the known security agencies) that can easily crack or decrypt all Internet encryptions and security. These current tools only give us false sense of security?
I've decided not to build my life (and my kids lives) on the Internet. They say the "evolving" ones will leave people like us behind... am not bothered by that at all .
There is nothing free about the WEB (Spider-Web?)/Internet (Net for Fishes). We will instead build and use alternatives that are totally decentralized or free from central control.
Won't be surprised if they already have secret agencies (unknown to even the known security agencies) that can easily crack or decrypt all Internet encryptions and security. These current tools only give us false sense of security?
September 05, 2018, 03:48:49 AM
Does it mean that the government is afraid of Bitcoin? Why build a back door, and if so, the coin will definitely depreciate quickly. Bitcoin is a true free coin.
September 05, 2018, 03:33:31 AM
If they are targeting crypto, its not what they would announced it via a memo that would leaked and which organization would they have referred it to? I don't see any influence on crypto at the moment.
This is the last time I remember something like a visible effort being made to undermine systems created to support anonymous browsing, etc.
Quote
Developer of anonymous Tor software dodges FBI, leaves US
May 17, 2016
In its mission to hunt criminals, the FBI has been keen to hack Tor, the Internet browser that hides your true location.
The FBI's attempts to break into Tor are starting to manifest in strange ways.
FBI agents are currently trying to subpoena one of Tor's core software developers to testify in a criminal hacking investigation, CNNMoney has learned.
But the developer, who goes by the name Isis Agora Lovecruft, fears that federal agents will coerce her to undermine the Tor system -- and expose Tor users around the world to potential spying.
That's why, when FBI agents approached her and her family over Thanksgiving break last year, she immediately packed her suitcase and left the United States for Germany.
https://money.cnn.com/2016/05/17/technology/tor-developer-fbi/index.html
May 17, 2016
In its mission to hunt criminals, the FBI has been keen to hack Tor, the Internet browser that hides your true location.
The FBI's attempts to break into Tor are starting to manifest in strange ways.
FBI agents are currently trying to subpoena one of Tor's core software developers to testify in a criminal hacking investigation, CNNMoney has learned.
But the developer, who goes by the name Isis Agora Lovecruft, fears that federal agents will coerce her to undermine the Tor system -- and expose Tor users around the world to potential spying.
That's why, when FBI agents approached her and her family over Thanksgiving break last year, she immediately packed her suitcase and left the United States for Germany.
https://money.cnn.com/2016/05/17/technology/tor-developer-fbi/index.html
....
Although it is not publicized, it is possible the FBI and other government agencies put pressure on tech corporations and developers to engineer deliberately made backdoors into their products. Example: intels CPU "bug". Twitter also had a "bug" which "accidentally" recorded user passwords in plaintext not long ago.
The worst case scenario here, could be crypto software wallets like electrum as well as platforms like blockchain.info having zero day backdoors built into them. We've seen evidence of nano ledgers as well as bitfi hardware wallets having vulnerabilities.
Anyways, I'm far from being an expert on this topic. Would be interested to hear what others have to say about this.
September 05, 2018, 03:15:13 AM
I am one who believes surveillance is needed. With some regulations of course.
It will happen anyways, why not make sure they do it the right way?.
It will happen anyways, why not make sure they do it the right way?.
What is the right way though? As another person has mentioned, there is no such thing as a safe backdoor. There are supposed to be no backdoors to services nowadays, and yet hacks are still common. If they intentionally create a weak point, someone will find it and exploit it, if it doesn't leak first. Even if we ignore law enforcement, the services you use themselves can freely spy on your data. They may as well store your messages, password, etc. in plaintext.
September 05, 2018, 03:02:41 AM
I think that at some point, governments will demand to create an encryption backdoor on cryptocurrencies, but knowing that crypto's strong suit lies within its encryption, it will be a dire effort for the governments to convince the devs that that is for the greater good. Idk why they come to such thoughts; this to me seems like they just want to 'own' the data of us citizens by spying in every way possible, even if they tell us that they'd only use the backdoors if needed. I know for one that backdoors already exist in everything we use, tech companies just don't want people to learn about it, and the governments are trying to sensationalize it just so we can 'agree' that it is something not to worry about.
Perhaps we reached the age of pseudo-security and pseudo-privacy, people.
Perhaps we reached the age of pseudo-security and pseudo-privacy, people.
September 05, 2018, 02:09:46 AM
If the big tech giants lower their encryption standarts,a part of their customers(the more tech savvy ones,who want more security) might move to the crypto world.I don't think that the crypto world will abide by such rules ever.If the people are afraid that the govenments are spying them,they will choose desentralized paltforms with strong encryption.This is just a theory. 
September 05, 2018, 12:32:50 AM
I'm not certain if crypto currencies will be affected by these political agendas aimed at weakening encryption standards. If financial institutions have been targeted by this political movement, its not something that has been publicized much.
There is no question of encryption backdoors for financial institutions. Government can walk in through the front door and grab any data they want, by the truckloads, from financial institutions. Financial institutions will even slice and dice the data, sift through it for anything which might interest the government and give it to them on a platter, as a BAU process.
September 04, 2018, 11:15:33 PM
I am one who believes surveillance is needed. With some regulations of course.
It will happen anyways, why not make sure they do it the right way?.
Backdoors and exploits can be built into different levels, already a lot exists and people is not aware of them - Reason why the real solution is pushing towards the regulation of such technologies more than to make them disappear thing that won't happen.
The biggest issue with tech giants right now is some not letting the others compete. That is something the European Union is addressing now it seems and is a big problem because it starts with competition but later might be targeted towards costumers and governments also.
It will happen anyways, why not make sure they do it the right way?.
Backdoors and exploits can be built into different levels, already a lot exists and people is not aware of them - Reason why the real solution is pushing towards the regulation of such technologies more than to make them disappear thing that won't happen.
The biggest issue with tech giants right now is some not letting the others compete. That is something the European Union is addressing now it seems and is a big problem because it starts with competition but later might be targeted towards costumers and governments also.
This stuff targets non-criminals more than criminals, these governments want to spy on millions of people who use those services, while any semi-competent criminal uses other channels of communication that don't rely on third party services for secrecy. They always use criminals and terrorists as an excuse to get more control over the population, and then use that control to preserve their power. But in our age people are getting powerful privacy tools that allow them to hide from government, and in some cases it literally save lifes, like when journalists, activists and whistleblowers use them to avoid getting imprisoned/killed by authoritarian regimes.
September 04, 2018, 08:45:21 PM
I am one who believes surveillance is needed. With some regulations of course.
It will happen anyways, why not make sure they do it the right way?.
Backdoors and exploits can be built into different levels, already a lot exists and people is not aware of them - Reason why the real solution is pushing towards the regulation of such technologies more than to make them disappear thing that won't happen.
The biggest issue with tech giants right now is some not letting the others compete. That is something the European Union is addressing now it seems and is a big problem because it starts with competition but later might be targeted towards costumers and governments also.
It will happen anyways, why not make sure they do it the right way?.
Backdoors and exploits can be built into different levels, already a lot exists and people is not aware of them - Reason why the real solution is pushing towards the regulation of such technologies more than to make them disappear thing that won't happen.
The biggest issue with tech giants right now is some not letting the others compete. That is something the European Union is addressing now it seems and is a big problem because it starts with competition but later might be targeted towards costumers and governments also.
September 04, 2018, 07:05:13 PM
I never said it was Intel itself that came out. What I was referring to is the fact that the best engineers haven't been able to spot it themselves, even though the "flaw" was there for ever basically.
understood. but is was found and disclosed by responsible people eventually. if they hadnt come out with it intel probably would have happily ignored it even now assuming intel even knew about it internally at some point. flaws just ripe for the pickings.
and just because there are/were no known exploits, that just means the possible exploits were not common or severe enough (for the general public) to be noticed by the general public.
Are you trying to comfort yourself thinking that everything is under control to the degree where the general public isn't exposed to any sort of harmful exploit right now?
lol heavens no. we are at the mercy of both the government and the hardware/software manufactures. neither really care about our security or privacy.
exploits are all over just waiting for someone to find them. hopefully white hats will get to the worst ones first.
September 04, 2018, 04:40:23 PM
if you mean specter etc or the intel MME stuff it was not intel that just came out and admitted it one day. it was others that found and publicized it, then intel admitted it to the public. so other "engineers," for want of a better term, did find it.
I never said it was Intel itself that came out. What I was referring to is the fact that the best engineers haven't been able to spot it themselves, even though the "flaw" was there for ever basically. and just because there are/were no known exploits, that just means the possible exploits were not common or severe enough (for the general public) to be noticed by the general public.
Are you trying to comfort yourself thinking that everything is under control to the degree where the general public isn't exposed to any sort of harmful exploit right now? September 04, 2018, 09:34:05 AM
How about the whole Intel security "flaw"? The best engineers in the world haven't been able to know about it until it was thrown into the public.
if you mean specter etc or the intel MME stuff it was not intel that just came out and admitted it one day. it was others that found and publicized it, then intel admitted it to the public. so other "engineers," for want of a better term, did find it.
and just because there are/were no known exploits, that just means the possible exploits were not common or severe enough (for the general public) to be noticed by the general public.
September 04, 2018, 09:08:54 AM
There is no such thing as a "secure backdoor". If you put a backdoor in a product, it will be found and it will be exploited.
In addition, as soon as you put a backdoor in the product, the very people you are trying to monitor will simply move to another product. What are you going to do, ban all programs except government built ones? Ban programmers?
In addition, as soon as you put a backdoor in the product, the very people you are trying to monitor will simply move to another product. What are you going to do, ban all programs except government built ones? Ban programmers?
How about the whole Intel security "flaw"? The best engineers in the world haven't been able to know about it until it was thrown into the public.
The main point isn't will we be flooded with software and hardware containing backdoors, but more so what backdoors are we currently overlooking? I'm pretty certain there is plenty of more that could potentially be exploited in the software and hardware that we're using right now. We'll only find out when it's too late. We rely on others as non tech geeks to point us at these flaws, because we in no shape or form will be able to spot any ourselves.
It's basically the same with people blatantly downloading crypto wallets. Have they checked the code? Nope. Do they know that the private keys these clients generate might not be that random at all? Nope.
September 04, 2018, 09:06:14 AM
Quote
“create customized solutions, tailored to their individual system architectures that are capable of meeting lawful access requirements.”
so thats what, everything from smoke signals to every computer and smart device on the planet?
a back door into all communication devices. communications devices that the governments themselves need to securely communicate with each other. that hackers and "questionable" nations can use to access another governments internal, banking, law enforcement, infrastructure and businesses communications.
we all know how good governments are at keeping secret stuff secret. what could go wrong.
September 04, 2018, 08:14:44 AM
The tech giants are against this though right? I remember the issue with FBI planning to sue Apple because they refused to help them unlock some shooter's phone. The FBI ended up not suing because they apparently found a third party that unlocked the phone for them. Google also issued a statement condemning the push for backdoors I believe.
This is concerning though, and I hope whichever companies comply with this get exposed somehow.
I don't think this affects crypto very much as it's targeted towards surveillance, not necessarily for breaking into devices. People should be safe for as long as they don't share private keys over messaging software even if hackers somehow exploit these backdoors.
This is concerning though, and I hope whichever companies comply with this get exposed somehow.
I don't think this affects crypto very much as it's targeted towards surveillance, not necessarily for breaking into devices. People should be safe for as long as they don't share private keys over messaging software even if hackers somehow exploit these backdoors.
Jump to: