Sophos Cloud Optix
US Attorney General Eric H. Holder Jr. on Tuesday urged tech companies not to lock police out of popular consumer gadgets, lest law enforcement’s efforts to nab kidnappers or child predators be stymied.
Holder spoke at a conference on child sexual abuse in Washington.
From his prepared remarks:
It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy.
When a child is in danger, law enforcement needs to be able to take every legally available step to quickly find and protect the child and to stop those that abuse children.
“It is worrisome,” he said, “to see companies thwarting our ability to do so.”
He didn’t mention Apple or Google by name, but that’s certainly the context, given that both companies in September announced new mobile phone encryption policies that sparked a number of protests from government officials.
With the latest iteration of its mobile operating system, iOS 8, Apple said it was no longer holding encryption keys and wouldn’t be able to turn iPhone or iPad data over to cops anymore.
Likewise, the next generation of Google’s Android operating system, due for release this month, will for the first time encrypt data by default, thus putting up yet another roadblock to stop police from getting at the troves of personal data we all keep on our mobile gadgets.
Normal people who are sick and tired of surveillance were cheered by these moves.
Police were not, and Holder’s not the first one to get vocal about it.
Ronald T. Hosko, former Assistant Director of the FBI Criminal Investigative Division, published an opinion piece in The Washington Post last week about how Apple’s move will hamstring the law.
Hosko said that while Apple’s move didn’t make it any harder to tap or legally intercept calls with a warrant, it does “limit law enforcement’s access to… data, contacts, photos and email stored on the phone itself.”
Well, yes, it does make it harder, but it by no means makes it impossible.
iOS forensics expert Jonathan Zdziarski, who’s actually trained police on how to get data off of iPhones, a few weeks ago put up a post outlining how not-hard it is, given how very not-infallible iOS 8 is to intruders – particularly government-funded ones.
Following Apple’s new privacy policy around iOS 8, Zdziarski’s forensics software showed he was still able to pull from a device running iOS 8 practically all of its third-party application data, including content from Twitter, Facebook, Instagram, web browsers, and more, as well as photos and video.
And he didn’t rely on magic pixie dust to do it, Zdziarski told Wired:
I can do it. I'm sure the guys in suits in the governments can do it. And I'm sure that there are at least three or four commercial tools that can still do this, too.
All that’s needed, he said, is a powered-on phone and access to a computer previously used to move data onto and off of it.
But it’s not just encryption that’s frustrating policing efforts, Holder said:
Recent technological advances have the potential to greatly embolden online criminals, providing new methods for abusers to avoid detection.
In some cases, perpetrators are using cloud storage to cheaply and easily store tens of thousands of images and videos outside of any home or business – and to access those files from anywhere in the world.
Many take advantage of encryption and anonymizing technology to conceal contraband materials and disguise their locations.
The Feds have long wanted to peel those anonymizing technologies apart.
Most recently, the Justice Department has proposed a power grab that would make it easier for domestic law enforcement to break into computers of people trying to protect their anonymity via Tor or other anonymizing technologies.
Holder called on companies “to work with us to ensure that law enforcement retains the ability, with court-authorization, to lawfully obtain information in the course of an investigation, such as catching kidnappers and sexual predators.”
But since when have companies not, by and large, worked with the law when they come bearing warrants?
None of the encryption efforts put forward by Google or Apple will stop a warrant.
So, Mr. Holder, what, exactly, is the problem?
Image of mobile backdoor courtesy of Shutterstock.
I’m sure all will be well. It’s not like anybody else would ever learn to use those same backdoors. Besides, cops always behave ethically and have your best interests at heart. These days I don’t even know when I’m being sarcastic anymore.
Thus far the bad guys have proven to be at least as smart as the police, so a back door for one will be a back door for all.
The usual “Why doesn’t anyone think of the children” argument when all others have been used. It gets the masses to stop thinking and giving up on their privacy and other freedoms.
Holder did the same thing to the man who invented “smart lock” or whatever it would be called for guns. It was a device that would enable only the owner to fire the weapon. This is a technology that supposedly the government wants “for your protection”. At the show where he was showcasing his invention, Holder wanted to know how he could get a “master key” so that he could shut off the guns himself. The inventor said he would never allow this, so Holder and the government tell you that the technology is not available.
Who else do they think will use the backdoors? I’d suggest that some nefarious people just love open back doors, at home as well as on your technical devices. So leaving one open for the ‘law enforcers’ leaves it open to others as well! Not a good idea at all.
Is the US going to follow Britain’s example, by criminalizing the refusal of a government agency’s demand to reveal one’s own password(s)?
Nobody cares what Holder says. He quit. Adios.
I guess I’m not repeating to say if it’s there anyone will use it. One of the best things a systems programmer can do is a tight ship. The police have the ability to get search warrants, let them do the way the law prescribes and not how they’d like to just ‘fish’ for the stuff that they can find. I say no to this and to any other anonymity they suggest stopping. Did they ever think of people that wish they had our freedom, that they are dismantling? Many may die for just opening their mouths. Being retired LE (Law Enforcement), I too would take a lawyer before answering any questions!
Holder is a genius! Think of all the unsolved crimes before the invention of the smart phone.
/s
/facepalm
these guys are forgetting the privacy laws especially the Crown laws of the UK.
It cannot be allowed
Police Back Doors become Hacker Front Doors a few minutes after the product is launched…. 🙁 No, that’s a REALLY dumb idea.
Give somebody the keys to the backdoor and sooner or later everybody has a copy of that key.It’s inevitable.
The tenacious words of these oligarchical figure-heads whom carelessly utter such nonsense are just as sickening as the way they treat the poor and destitute, those stuck in abject poverty because of the capitalist society these masonic manipulators themselves have created. Their disdain of those less fortunate is as audacious as a hungry sea-gull that swoops down from the sky to swipe your food out of your hand——-these crooks know they can get away with it, so, in fact, that’s what they do!