Senate bill draft would prohibit unbreakable encryption
Last edited Fri Apr 8, 2016, 11:04 PM - Edit history (2)
Source: Associated Press
WASHINGTON (AP) -- A draft version of a Senate bill would effectively prohibit unbreakable encryption and require companies to help the government access data on a computer or mobile device with a warrant.
The draft is being finalized by the chairman of the Senate Intelligence Committee, Sen. Richard Burr, R-N.C., and the top Democrat, Sen. Dianne Feinstein of California.
Their goal, they said in a statement, is to ensure adherence to any court order that requires helping law enforcement or providing decrypted information. "No individual or company is above the law."
It was not immediately clear when they would introduce the bill.
Read more: http://hosted.ap.org/dynamic/stories/U/US_CONGRESS_ENCRYPTION?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2016-04-08-14-11-09
Edited to add these links to vice.com and wired.com articles on the apparent draft bill:
http://motherboard.vice.com/read/leaked-burr-feinstein-encryption-bill-is-a-threat-to-american-privacy
http://www.wired.com/2016/04/senates-draft-encryption-bill-privacy-nightmare/
forest444
(5,902 posts)One wonders how many of those glorified whores would be left standing if someone were to hack those offshore banks and hedge funds.
padfun
(1,787 posts)so can every friggin hacker in the world.
Downwinder
(12,869 posts)What's good for the Goose ...
Travis_0004
(5,417 posts)So If my computer gets hacked, and nothing is encryped (why bother if it can be broken), then don't blame me when a few thousand social security numbers are leaked out.
Hell, I'll transmit the data over public wifi using wep encryption, is that good enough for the senate?
Also, question 2, Sen. Dianne Feinstein on the intelligence committee? I guess one of the requirements to be on the committee is not intelligence.
BillZBubb
(10,650 posts)This bill sounds like something from the Idiot Caucus.
blackspade
(10,056 posts)This is just more invasive civil liberties violations in the guise of 'protecting' us.
xocet
(3,871 posts)christx30
(6,241 posts)pig latin would be unbreakable encryption. "Unbreakable" depends on how good of a hacker someone is. The law is pretty much "don't be smarter than us", which is a pretty low bar to get under.
Oneironaut
(5,519 posts)Of course, all it takes is one insider to ruin a company's day.
jmowreader
(50,562 posts)The National Security Agency does a lot of things, the most important of which is developing encipherment systems. They consider encryption unbreakable if the best technology available can't successfully decipher it before the information it's protecting stops being useful, or if it's not worth spending the time to break the code.
Travis_0004
(5,417 posts)WEP (used on old wireless routers) is a broken encryption. I can break through it in 15 minutes because there is a known flaw.
AES has no known flaws, but I can use brute force against it.
If I made AES 4 an encryption standard, it would have 16 possible combinations. You could manually type in 1, then 2 then 3, and within a minute or two you would break in. (Im simplifying it a bit since it would actually be binary, not base 10.
Since 4 bit is very very weak the solution is more bits in the encryption, so AES-256 is commonly used. With a supercomputer you could probably break it in under a billion years. Its that secure.
Its possible there is a flaw and with that flaw it can easily be broken, but there is no publically known flaw as of today.
Or in other cases the encryption is good but the password is 1234, and easily broken. (I have the same password on my luggage). This is often an easier way to crack encryption, which is why secure passwords are important.
hunter
(38,322 posts)Senators with djoy for brains.
GreydeeThos
(958 posts)What are they going to do, make it illegal to engage in mathematics research?
LiberalFighter
(51,020 posts)Kokonoe
(2,485 posts)The nukes are always warm. (Sort of sarcastic)
LiberalFighter
(51,020 posts)Oneironaut
(5,519 posts)After all, they know everything. Absolutely no terrorists will use third party apps. No sir-ee!
noretreatnosurrender
(1,890 posts)we don't send our money to the DNC. The DNC sends it on to horrible candidates like Diane Feinstein.
yodermon
(6,143 posts)Ford_Prefect
(7,917 posts)A personal friend was at PGP the last time we had this threat over what level of encryption is or is not safe, and what the government has a right to control. They will not tolerate this kind of interference for all the reasons you can name including incompetence within government agencies.
What this would do along with the obvious things would be violate the copyrights of the companies that developed the encryption, which would essentially put them out of business. Would you pay a fee for a product when you know the key to it rests in an archive in DC and can be read by any fool with a contractor's badge, but that you could be arrested for doing the same thing?
The arrogant idiots in Congress can't even operate their own computers yet they are telling the rest of us what we may and may not do with ours, although they haven't read the law they are voting for, and haven't the time to hear anyone else tell them about constitutional conflicts inherent in it.
"Lame, Lame, Lame, Lame, Lame !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"* (*Syndrome in The Incredibles)
Reter
(2,188 posts)Rand Paul promised to filibuster.
RiverNoord
(1,150 posts)Quality encryption is the entire basis of all web commerce. (Not to say that all web commerce is conducted with quality encryption...)
And quality encryption only lasts so long before it's cracked. Continuous development of 'unbreakable' (for as long as possible) encryption is essential to the viability of the Internet as a tool of commerce. Or any other application in which privacy is important or critical. All 'cloud'-based business software requires it.
If you mandate low-quality encryption by law, you might as well just direct the NSA to collect and publish every private detail possible of very American citizen and every American company.
Ford_Prefect
(7,917 posts)don't have the same budget or tools or access. This is not about safe data or national security. This is about breaking your civil rights and mine, and controlling the encryption companies, and nothing else.
Dumbing down the encryption they have tried before and it won't work, and they know it won't. This is really bad legislation pushed by really stupid politicians who shouldn't be allowed anywhere near this stuff. There's stupid that writes bad policy and there's dangerous that makes bad policy into enforceable law, and this is both stupid and dangerous.
hopemountain
(3,919 posts)and protector of free speech and the right to privacy.
'mala yerba no muere'
killbotfactory
(13,566 posts)Festivito
(13,452 posts)Can I create a good encryption that would be hard for me to break and then get paid by government to find a way to break it?
Nice retirement job.
silvershadow
(10,336 posts)from wired:
AS APPLE BATTLED the FBI for the last two months over the agencys demands that Apple help crack its own encryption, both the tech community and law enforcement hoped that Congress would weigh in with some sort of compromise solution. Now Congress has spoken on crypto, and privacy advocates say its solution is the most extreme stance on encryption yet.
more: http://www.wired.com/2016/04/senates-draft-encryption-bill-privacy-nightmare/
DemocracyDirect
(708 posts)I can write a program to encrypt data and send it to the other side of the planet, where my program could decrypt it ... both using a key set that only the sender and receiver have any knowledge of ..
in about 8 minutes!
If they seriously think they are going to stop would be terrorists or hackers communicating using impenetrable encryption with legislation they are wrong.
It makes you wonder what the real agenda is.
Elmer S. E. Dump
(5,751 posts)I doubt if they could get other countries to go along.