Privacy Absolutism

The Gotham Gal has been pushing me to write this post for a few weeks. Privately with family, friends, and business colleagues, I have been saying that I believe the tech industry’s position on end to end encryption, locking everything down, securing our devices, and making it so only we can unlock them is the wrong path. I touched on this issue last month but that was more of a “what do you all think” kind of post.

I very much like what the President said in Austin late last week. To quote:

Before smartphones were invented, and to this day, if there is probable cause to think that you have abducted a child or you are engaging in a terrorist plot or you are guilty of some serious crime, law enforcement can appear at your doorstep and say we have a warrant to search your home, and they can go into your bedroom and rifle through your underwear to see if there’s any evidence of wrongdoing,” he said. “And we agree on that, because we recognize that just like all of our other rights … that there are going to be some constraints we impose so we are safe, secure and can live in a civilized society.

I do not think that because we now have the technology to lock things down (strong encryption) and because the industry that develops and maintains all of this technology has a strong libertarian bent that we should just abandon the framework that has worked in our society for hundreds of years. If society thinks someone is doing something wrong, and if law enforcement can get a warrant, there should be a mechanism to get access to our devices.

I would love to see the tech sector work to figure out a smart way to address this issue. My partner Albert has suggested an approach on his blog. There are some interesting approaches that are already being used in cold storage of bitcoin that could be applied to this situation.

But my meta point here is that I am saddened by the tech sector’s absolutist approach to this issue. The more interesting and fruitful approach would be to think about the most elegant solutions and build them. Because, as the President warned in Austin last week,

I am confident this is something we can solve, but we’re going to need the tech community, software designers, people who care deeply about this stuff, to help us solve it. If everybody goes to their respective corners … what you’ll find is that after something really bad happens, the politics of this will swing, and it will become sloppy and rushed and it will go through Congress in ways that have not been thought through, and then you really will have dangers to our civil liberties.

#policy#Politics

Comments (Archived):

  1. Pranay Srinivasan

    The internet actually is such a different animal. What works inside a society in USA maybe misused as a precedent in other governments. And a key to a universal device like an iPhone that is used globally by millions of users becomes a passkey that nobody can control once it’s in the hands of a foreign government that will cite this exact case.Its not the principle (which I agree with) but the misuse of the tools given that technology and devices and encryption are the same across geographic boundaries and government agencies are inherently pursuing different agendas.And it could very well end up like the NY Universal key available online for $15.50 a pair.http://nypost.com/2015/09/2

    1. pointsnfigures

      The internet is a different animal–but that is why reading the Constitution and the Bill of Rights based on original intent is so critical to figuring out a way out of the dark. If you stick to your principles, then they work in lots of situations.

      1. Pranay Srinivasan

        Yep, works for now but then other countries use those same principles and apply it to *Their* situations and suddenly the Constitutions and original intents go right out the window..

        1. pointsnfigures

          I am empathetic to other countries. I am empathetic to the problem of 1 phone working everywhere. But, our system of government only affects our country and that is how we have to look at it. Apple has unlocked phones for the Communists in China. I don’t think the standards of China should apply to the US, and the government there wouldn’t want our standards imposed on them-although their people might.

          1. Pranay Srinivasan

            Governments are convenient. It’s *because* Obama is a gentleman and *because* the current US Govt respects civil liberties that this debate is *even* a debate. In China, Tim Cook would have “disappeared” for a week and come back claiming a new god.I would love to believe in Fred’s version of the world where the key is closely held, the US has jurisdiction on data, and that other countries do not misuse this key – and/or let it fall into the hands of terrorists / identity thieves.But we just know thats not the world we live in. YMMV.

  2. Tom Labus

    In my more optimistic moments, I like to think that the info on the phone is already been retrieved by Apple and is in use by the FBI et al. That this public display is a disinformation campaign to confuse and misdirect the enemy. We did fake an entire invasion of a continent in WWII,But then I wake up and see Trump and know that I’m only dreaming.

  3. hal shear

    Much as I worry about the misuse of a key, your logic makes sense in the context of the President’s comment that a quick response to a crisis will be even worse, since I think he is correct.

  4. vruz

    Fred, this is insane.This is the very definition of doublespeak.Absolutism is, if you care to look in a dictionary, the exact opposite of what you say privacy rights activists are doing.Various definitions:– Absolutism is the principle of complete and unrestricted government power, usually in the hands of one person, a dictator or despot.– A political theory holding that all power should be vested in one ruler or other authority– A political theory that absolute power should be vested in one or more rulers”Privacy absolutism” is pernicious surveillance state doublespeak at its finest.The president is wrong. His policy is destructive and a zealous attack on civil liberties.Not to mention that his actions for a while have been at times at odds with any sense of legality and judicial restraint.Right now my opinion of you is the lowest possible, and I don’t consider you a serious person anymore.You are condoning and promoting fascism, you are not my friend.It was a good ride, and I enjoyed your welcome here for more than 10 years, but I don’t feel comfortable sharing anything with you anymore.Shame on you.

    1. Salt Shaker

      Jeez, isn’t that a bit harsh and extreme. You make this sound as if it’s a b&w issue, and it’s far from it. Curious how you’d feel if that was one of your relatives in San Bernadino.

      1. vruz

        Curious whether you think I’m wrong in anything I said?

        1. Salt Shaker

          No, not at all. Your explanation of “absolutism” was enlightening and informative. You went downhill for me thereafter.

          1. vruz

            Thank you.I’m right and I’m massively intellectually offended.

      2. JoeK

        This is part of the problem, bringing up the emotions of San Bernadino.In response to a maniac using weapons of war to shoot a few dozen people, and having decided that the liberties of the masses to own these weapons is too sacred to legislate on, we are proposing to mandate the global technology industry to allow governments everywhere, to be able to spy on their citizens at will.And yes, while the US government may not be the sort of regime to abuse such a feature, there are plenty of governments worldwide that will.

        1. Salt Shaker

          Slippery slope, yes. But the notion that safeguards can’t be built into an enhanced system, whether, for example, via warrants combined w/ 2 or 3 factor authentication, or by some other means, is a defeatist attitude. Fix the problem, don’t bury it. Bad precedents admittedly have incurred, but that shouldn’t portend there’s no reasonable solution that can balance public safety and privacy. Most decisions made–either personal or in biz–have some element of risk/reward, the key is in minimizing the risk.

          1. JoeK

            It isn’t a slippery slope, it is a cliff.Phrase it this way – should Apple be forced to allow the government of Equatorial Guinea to be able to decrypt the iPhone of any individual physically present in that nation provided that a judge signs a warrant requesting this?The whole 2 factor this is meaningless – either you are willing to allow the government access when they request it, or not.

          2. Salt Shaker

            AAPL prob doesn’t give two shits about Equatorial Guinea but they sure as shoot care about China. That’s the hypocrisy in all of this. The outrage by APPL and others is driven by biz concerns as much as, if not more than, ethics. This holier than thou stance by Tim Cook is a joke. They, and other tech companies, exploit your data daily for their financial gain, and somehow that’s acceptable? Hypocrisy and double standards if you ask me.

          3. JoeK

            What do you mean by double standards? The business concern are a direct reflection of their current perspective on concerns of their customers. It is the way the world works. Would Apple still use cheap child labor is they felt that their customers would not mind? Of course they would.And yes, Equitorial Guinea, China, North Korea – the same right would apply to all of them, which is exactly my point.

      3. LE

        Curious how you’d feel if that was one of your relatives in San Bernadino.I for one feel that the issue stands on it’s own as being right w/o regard to whether I am personally impacted by it or not.What makes common rational sense shouldn’t need to be bolstered by emotion. When emotion is involved you get people who don’t even think a trial is necessary to determine guilt or innocence and for sure act irrationally (which is how at least some crimes end up being committed).

      4. rick gregory

        ” Curious how you’d feel if that was one of your relatives in San Bernadino.”Yes, let’s decide policy based on emotion. Nothing could go wrong with that.

        1. Salt Shaker

          Very rarely are decisions made without some degree of emotion involved. The machines haven’t totally taken over just yet, although Bladerunner is just around the bend. Nothing wrong w/ emotion coming into play, as long as it doesn’t overwhelm, obfuscate, conflate, etc., the core. That’s life and to suggest otherwise isn’t reality.

    2. fredwilson

      really? ok, i accept that.

    3. Elia Freedman

      It’s one thing to attack the position. It’s another to attack the person.

      1. vruz

        It’s not an attack, I feel very offended, and it’s not my right or place to attack Fred at his own home.Consider it an expression of massive disappointment for someone I used to hold in high esteem.Good bye.

    4. JimHirshfield

      “an absolute standard or principle”http://www.merriam-webster….Absolute = “complete and total”http://www.merriam-webster….And my read of this post is that Fred is referring to opinions that are absolute…that some people see things as binary, either 1 or 0…no shades of gray.I did not read Fred’s post as one where he was advocating absolute power, fascism, or dictatorial rule.

    5. Mario Cantin

      The way you worded it is it’s your loss, not Fred’s.The very strong stance you are taking and how you’ve communicated is precisely the type of attitude that the Tech sector should hold back on a little that Fred was talking about so that some communication can take place.

      1. vruz

        I can negotiate anything.Doublespeak warfare is extremism, an attack and an offence I don’t take lightly.

        1. Mario Cantin

          I thought you had already left. Guess not.

          1. vruz

            I wouldn’t want to be rude to you.

          2. Mario Cantin

            I appreciate that. Look, the way you said it is having the opposite reaction. You could have presented it better.

          3. vruz

            Extremism is not something to be lukewarm about.

        2. ZekeV

          I don’t think AVC or Obama are being extremists. They are trying to take a “reasonable” position (politically, if not technically). The problem is that technically, a compromise on this issue means that devices will not be secure, and will not be private — a reasonable compromise makes devices 100% unfree. For mandated access to work (even subject to a warrant, based on key escrow, etc.) will need a limit placed on what computing devices we are allowed to use. Otherwise I can just run free software and implement a more secure communication protocol. My concern about Obama’s “reasonable” position is that it leads to the end of true general purpose computing, at least as far as the law is concerned.Unfortunately I don’t think it is possible to win this battle over the long run, not politically. We will never get a law (not a durable one anyway) that says computer users can have true privacy and freedom of speech. And within the realm of politics, it is necessary to compromise with people who do not see things our way.The good news is, you may be able to achieve privacy and freedom in your computing if you are willing to make big sacrifices, basically live as a sort of Stallman-esque technology monk. Given the very small number of people who are able to do this, the lifestyle tends to attract people of high principle and I would assume very few people who use tech to harm others. I would be OK with Fred’s compromise position politically, as long as there’s a loophole for people who want to run free software on their own general purpose computers.

    6. ZekeV

      I agree re: the def of absolutism, and it is surprising that tech industry is so split on this issue. I don’t see how it helps to unfriend people for their views on this issue, though.

      1. vruz

        There is no argument to be had.Mathematics and civil rights are not negotiable.It may not be offensive to you, but I take this kind of fascistic doublespeak as a personal insult.Such statements are portrayed as the “reasonable” and “moderate” thing, when it’s in fact crazy unscientific extremism, all the while the civil libertarian position that holds privacy as a fundamental right is portrayed as “totalitarianism”.I can’t be insulted like this.

        1. ZekeV

          You don’t have to agree on principle, but ultimately the policy set by the state *will* be a compromise — unless the state is authoritarian. Can you have an authoritarian regime that exists only to defend your civil liberies? Hm… I have concluded that while I disagree with Obama (and probably Fred as well!) in principle on many issues, on the whole I think Obama has been a better administrator and has generally erred more on the side of protecting liberties than have other presidents who superficially appear to be more libertarian.

    7. TeddyBeingTeddy

      Translation: “I have a LOT of stuff to hide, so I’m going to creatively justify the argument that prevents people seeing stuff on my phone/laptop that would make me look really shady.”

      1. ShanaC

        we all have stuff to hide, it just is what kind, and from whom, and why

    8. Simone

      If you stopped from typing for a minute, you would have realised that Fred is a vc, not an English language academic, and the use of the word is not as normally intended by the definitions you have copied here. What I also think is that Fred wanted to avoid using the title ‘privacy extremism’, so he ended up with this title that upset you. But I understand you were also upset by the entire post. I have nothing to hide, so I agree with Fred. Moreover, I really don’t think it is in our control and I think lack of privacy is happening anyway without my permission. So unlike you, I never think about it. It’s not the lack of privacy that can destroy countries, it is people voting.

    9. SubstrateUndertow

      I agree this is insane but lets remember even you and I could be wrong on this. Thats why we having this discussion here 🙂

    10. ShanaC

      wow wow wow

  5. charlieok

    Mathematical and physical laws set the boundaries for human laws, not the other way around.In the days of analog phone lines, it was possible to capture a conversation without the participants having a good means of stopping you. So we got wiretap laws regulating this.Now it is digital and there happen to be techniques — which could in principle be carried out with pen and paper — allowing secrets to remain hidden from third parties watching the communications.The government seems to have gotten the strange and power-trippy idea that just because they used to be able to wiretap with the previous technology, they should always and forevermore have that ability, math and physics be damned.They are essentially arguing that you should not get to carry out a particular set of calculations on a piece of paper without sharing the results with them.Edit: it seems somewhat appropriate that we are having this discussion on Pi day :)https://en.wikipedia.org/wi…

    1. Twain Twain

      In fact, NATURAL LANGUAGE (symbolism, spoken, written text e.g. in the I Ching “Book of Changes, 600 BC and other Ancient scripts) set the boundaries for human laws long before we had mathematical and physics laws from the likes of Euclides (300 BC), Ptolemy (100 AD), Archimedes (287 BC), Brahmagupta (598 AD) and Muḥammad ibn Mūsā al-Khwārizmī (780 AD). Mūsā al-Khwārizmī is considered to be a father of Algebra, which codifies maths and physics laws in mathematical language.This distinction matters because it’s at the very heart of the philosophical fights in the most cutting-edge of AI about whether mathematics and physics as languages (in their current form limitations) should set the rules for Natural Language.It is NOT the case that the laws of maths, physics & tech have historically and should in futurescope take precedence and primacy over the LAWS OF HUMAN CONSIDERATION.If there are any Maths and Physics laws that codify HUMAN CONSIDERATION (i.e., thinking with CARE) in a coherent way, I’d certainly like to see that artifact.@vruz:disqus — What your comments on Philosophical Absolutism show is that these are issues centered on language definitions rather than the laws of maths & physics.My reading on this post is that @fredwilson:disqus is seeking an as-yet undefined model and that that model is somewhere between the Technocratic one — where the laws of maths+physics are cited as taking primacy (“We can’t unlock it because encryption maths will break.”) — and the Libertarians one — where all data is open, free and transparent.Here’s the thing about maths as a language. It can be changed. It can be adapted.There was no “X” in algebra and now there is.* https://www.ted.com/talks/t…In the same way, there is currently no systems model for what Fred is opening up this discussion about (a hybrid model between the absolutes of Technocracy and Libertarianism, a hybrid wherein the machines are able to pin-point evil people by their data before they commit heinous acts of murder — whilst not infringing upon the vast majority of us).One of the greatest things about us as a species is that, throughout our remarkable history, where a tool didn’t exist to solve a problem we needed to solve … People philosophized about the problem and then we pragmatically invent to solve it.

      1. SubstrateUndertow

        This is better thought of as a biological analogue !Informational containment (cellular/organ/organism boundaries) seem more informative/persuasive as a time tested survival strategy cheat sheet.

        1. Twain Twain

          To quote John Von Neumann, a father of Modern Computing: “When we talk mathematics, we may be discussing a secondary language built on the primary language of the nervous system.”Now, I happen to have based my system on the belief that Maths+Physics in their current forms don’t and can’t “set the rules” to model us, our language and our behaviors.Yeah, so that’s what President Obama should do. Cite John Von Neumann at people who want to argue that Maths+Physics rule us and everything.@fredwilson.

          1. ShanaC

            Though I would remark straight Dna works as a hard drive for a Von Neumann machine

          2. Twain Twain

            Right and there are folks who would like to nanobot us all, whereby the nanobot (an RFID microchip taken as a pill, daily) would be our secure neural access to the Cloud and hold all the encryption keys:* https://www.youtube.com/wat…* http://money.cnn.com/2016/0…* http://www.marketplace.org/…Quoting from Marketplace article: “In Kurzweil’s vision, these advances don’t simply bring computers closer to our biological systems. Machines become more like us. “Your personality, your skills are contained in information in your neocortex, and it is information,” Kurzweil says. “These technologies will be a million times more powerful in 20 years and we will be able to manipulate the information inside your brain.”It will be interesting to hear what President Obama has to say on privacy when/if this potential future for his daughters happens.@fredwilson:disqus — Existential crisis that make us deeply examine what technologies do / don’t do / should do / can’t do is always excruciatingly painful but eventually productive.It happened when the telescope & navigation tools were invented to prove “earth is round not flat.” It happened when Modern Science took on the Church. It happened during Industrial Revolution.It’s happening now in each of the interconnected areas of AI, Blockchain, data and wrt which institutions are the extensions and arbiters of our trust, ethics and values — “The elected governments or the producers of tech devices we’ve shared more of ourselves with?”The thing is that these are issues for ALL governments. The jurisdictions of privacy have to be universally discussed and agreed upon because of the pervasive nature of global technology businesses.

          3. Twain Twain

            @cdixon:disqus — What’s your view on encryption as keys stored in a nanobot pill we take?

    2. JLM

      .The gov’t can only do anything when they suspect a crime has been committed, have probable cause to believe that there is information or evidence in the suspect’s possession that would be admissible in court, specify the exact nature of the evidence for which they are looking and can convince a judge of their argument whereupon the judge issues a search warrant.The notion that the gov’t is doing this willy nilly is not correct. This is a law enforcement matter only.Crimes. Suspects. Probable cause. Specific targeted evidence. Admissible evidence. Process. Judge. Search warrant.OTOH, the NSA is capturing your burps, storing them, and cataloging them for future use.JLMwww.themusingsofthebigredca…

      1. Richard

        Fred, Donald Trump and JLM agree on an issue…And Tim Cook takes the opposite position, you decide….

        1. JLM

          .Yes, we are all voting for Trump (Melania).JLMwww.themusingsofthebigredca…

          1. LE

            Sophie Grégoire is more my type than Melania. For that matter Heidi Cruz if she didn’t suffer from depression and when she was a bit younger.Cruz suffered from depression and in August 2005 was found by a police officer sitting on a grassy verge by a public highway. Jason Miller, her husband’s adviser, said that she had experienced a bout of depression at that time similar to that of “millions of Americans” and that she had overcome it with “prayer, Christian counseling, and the love and support of her husband and family.That’s right Christ and prayer can cure depression, definitely.

          2. JLM

            .That event occurred in my neighborhood. Ted used to live in my neighborhood when he was working for Texas as solicitor general.JLMwww.themusingsofthebigredca…

          3. LE

            No way she will be able to stand up to the rigors of first lady hood.

          4. JLM

            .Actually, I think she’s tough but she got caught in a whirlwind of changes. From what I know of her, she is universally respected and liked.Being married to Ted must be a trip.JLMwww.themusingsofthebigredca…

          5. LE

            From what I know of her, she is universally respected and liked.What people think about you in a social situation and publicly and what you are really can be entirely different things. I speak from experience in several long term relationships.Being married to Ted must be a trip.Before the Joe Paterno scandal, I always thought his life would make a good musical broadway play.It would be called “Joe’s got a game today” and the central character would be his wife and how her life totally revolves around “the game”. Paterno’s wife wasn’t an idiot but my creative mind wanted to make her sound like Edith Bunker when she said “Joe’s got a game today” prior to any dance number.Super ironic given how Paterno’s life ended (if you like this type of things watch “Happy Valley” on Netflix.)

          6. William Mougayar

            Did you watch the Trudeaus arriving at the White House last week & the State Dinner? The speeches of Obama & Justin Trudeau were funny.

        2. Jaikant Kumaran

          This is exactly how people make their opinions these days – look around and see who stands where. Excepting the few who are undecided the rest just follow.

          1. JLM

            .And the undecided, when they decide — what are they?We have always wanted to be led to the solutions.JLMwww.themusingsofthebigredca…

          2. Jaikant Kumaran

            Catch them alive and get the key.

      2. charlieok

        Those things are all well and good, and not one of them, nor all of them taken together, mean that you, I, and others shouldn’t get to use our choice of techniques that happen to have the effect of securing our information, stored or in transit.

        1. JLM

          .I agree more with you than you do with yourself.We are not only entitled to safeguard our info any way we want but gov’t’s interest in what or how we do anything is not warranted until there is a crime, a legitimate notion that we are involved, probable cause, an assertion of some bit of relevant evidence they hope to find, a written search warrant request, and a Judge’s court order granting the request.How we safeguard our info is no business of the gov’t even if we are the subject of a credible inquiry.Once that court order — the search warrant — is issued then the gov’t’s right to access that info is paramount to everything else.No company ever said, “Our security system is intended to serve the interests of criminals.”JLMwww.themusingsofthebigredca…

          1. charlieok

            > Once that court order — the search warrant — is issued then the> gov’t’s right to access that info is paramount to everything else.It still isn’t paramount to any other person’s rights; it still shouldn’t compel any individual or company to do the government’s job for them, especially against their own and others’ best interests; it shouldn’t apply to questionable “courts” such as secret courts, courts not under the judicial branch, or mass warrants.

          2. JLM

            .You have about ten different concepts interwoven there.When one doesn’t cooperate with an official investigation, that’s called “obstruction of justice” and you can go to jail for that alone.If one doesn’t open the door when the search warrant is proffered, the searchers can bust the door down.In this instance, there is absolutely no bigger issue at play — the FBI wants to get into the cell phone of two terrorists and a court has granted their request.There is no secret court involved here and the court was sensitive to Apple’s dilemma even going to the trouble of requiring Apple to estimate the cost to the company with an eye toward the FBI paying that cost.There is no great precedent being set here other than that the old, fully settled law of search warrants continues unabated.I am not aware of any mass warrants being issued by anyone. The NSA may have taken actions which were of a “mass” nature but they relied upon Congressional authority not mass warrants.JLMwww.themusingsofthebigredca…

          3. charlieok

            My objection was to your phrase, “paramount to everything else”. In the main I think we have a lot of common ground. I’m not terribly interested in the specifics of the San Bernardino case except insofar as they establish precedent.In regards to this part:> There is no great precedent being set here other than that the old,> fully settled law of search warrants continues unabated.I would refer to my above comment about wiretaps. When technology changes, “fully settled law” may need reexamination, and that shouldn’t be done with a goal of preserving government powers that may have made sense in an earlier era.Regarding secret courts and mass warrants, see https://en.wikipedia.org/wi

          4. Prokofy

            All of this will be decided soon by the case of Jamsheed Mukhtorov about which I’ve written extensively http://3dblogger.typepad.co…Authorities in Denver accessed Mukhtorov’s phone to learn of his plans to support jihadists in Turkey and travel to them to give them support (he was originally from Uzbekistan and came to the US as a refugee – a half dozen other Uzbeks have been convicted of terrorist plots, including one to assassinate Obama).Either you think it’s fine to access a phone to prevent civilians in Turkey or our soldiers in other countries attacked by this jihad group in Afghanistan or elsewhere — or you don’t, for reasons of hysterical privacy notions and obsessive anarchy.If they got a warrant or they could show that their failure to get a warrant, but instead a secret court agreement — even if that secret court is later found illegitimate by some other ACLU suit — and prevented this from happening properly, because they have evidence that it was true, good! They will win unless the manufactured hysteria which Google is capable of with YouTubes and social media campaigns (think SOPA) prevails. Of course we will suddenly see EFF, Snowden, Access and many other tech anarchists suddenly become experts on Uzbekistan, following the “guidance” of extremist Sarah Kendzior if nothing else. They will create a storm of media hysteria as they’ve already done on this case. However, in the wake of San Bernardino, Paris, Brussels and many other lesser known attacks, this faux invocation of abstract human rights considers will fall flat.Of course, there could be a “let’s make a deal” outcome where we take this figure, who could merely be an Uzbek intelligence agent that his own people chucked under the bus, is returned to Uzbekistan to certain torture or uncertain glory, we don’t know.But basically, way more than the San Bernardino case, people will be forced to look at reality: either you access phones and stop people’s plans to blow up stuff, or you don’t. This isn’t one of those cases where the FBI pretends to be a jihadist and lures someone into a trap of their own making. It’s finding out about real external plans.

          5. charlieok

            > Either you think it’s fine to access a phone to prevent civilians in> Turkey or our soldiers in other countries attacked by this jihad group> in Afghanistan or elsewhere — or you don’t, for reasons of hysterical> privacy notions and obsessive anarchy.No, that’s a strawman. If the authorities have a warrant, of course they can do their best to get the info off the phone. I’m just saying it shouldn’t be Apple’s problem if they find that to be very difficult to do.

      3. SubstrateUndertow

        Secret courts ?

        1. JLM

          .All court deliberations related to the issuance of search warrants are by their very nature secret. You may be thinking of FISA courts wherein the deliberations — even after the fact — secret.JLMwww.themusingsofthebigredca…

      4. Sam

        “Crimes. Suspects. Probable cause. Specific targeted evidence. Admissible evidence. Process. Judge. Search warrant.”This is the right framing of the process. But the heart of the matter isn’t about process. It’s about the evidence itself — and whether technology will enable (or prevent) that evidence from being discoverable in the first place.

        1. JLM

          .Pretty sure I don’t agree with you. Suppose a search warrant turns up a locked steel box.Do you now think law enforcement cannot take it to a machine shop and ask them to cut it open?Encryption is simply a digital box. Nothing more.Let’s take it a step further and suggest the info desired is stored in teh cloud v being stored physically on the phone.This is all just a different step in the same well litigated process.JLMwww.themusingsofthebigredca…

          1. Cam MacRae

            One doesn’t need a machine shop. One simply passes a law that requires all locked steel boxes to have a second entry to which Government has a key.

          2. JLM

            .Taken a step too far.In this instance, the FBI is quite happy to have Apple produce the contents and be the only keeper of the flame as to how it was actually done.Bear in mind that Apple has done this almost a hundred times in similar circumstances.JLMwww.themusingsofthebigredca…

          3. PhilipSugar

            Hate wading in.Here is the better analogy: Can I make a steel box when tampered with watsoever destroys what is in it?If not, what makes somebody else able to build one?Finally, since there are now billions of people that want to buy that steel box because it has so much value. I..e. networked supercomputer in your hand….what are the implications.

          4. JLM

            .Safes in the 1950s introduced this feature. When the combo failed X times, the contents were destroyed.Law enforcement was routinely able to compel the safe manufacturer to assist them to open the safes.JLMwww.themusingsofthebigredca…

          5. Fernando Gutierrez

            I know more than a few people who have lost data or funds because of lost encryption password. Big tools require big precautions!

          6. Sam

            I didn’t know about those kinds of self-destruct safes, and I agree it’s a good analog.It’s somewhat distinguishable from the present situation, though, in that 1. US society is less trusting today of their government’s motives and actions when it comes to private information; 2. Apple has a lot larger market cap (and therefore power) to offset the government’s request as compared with a safe manufacturer in the 50s; and 3. (as Philip Sugar noted) the policy implications for the global economy are more significant.Personally, I don’t think as a society we’ve grappled adequately with the privacy issues that began to surface (or maybe simply that I began to notice) in the mid 90s with the rising adoption of the web. We sort of swept them under the rug back then, but they’re still there.

          7. JLM

            .My comments are intended to address only the San Bernandino terrorist situation.On a grander scale, I would not trust the gov’t on anything whether it was a Rep or Dem administration. It is pretty damn clear that the current administration (not the first BTW) has weaponized the IRS and that IRS Com John Koskinen is a political hack.BTW, he is a Dukie and that tells one all you need to know. I had business dealings with him in a former life during the liquidation of MBL (Mutual Benefit Life) in Newark and he was as slippery as an eel. Smart as a whip. As honest as the situation required.I love my country. I served my country. I was prepared to do whatever needed doing for my country.I do not trust my gov’t.JLMwww.themusingsofthebigredca…

          8. haliphax

            Your comments are specific to this situation, but that is exactly the problem – this will set a precedent. The government already has some 300+ other phones they want to unlock, for other reasons, waiting in the wings.

          9. JLM

            . I have never heard that before. Very interesting.JLMwww.themusingsofthebigredca…

          10. Prokofy

            Good! That’s fine. Only binary thinking — 0/1 and 1% is as bad as 100% would think otherwise and imagine this ‘spreads’. The government will need 300 warrants and if each type of phone generates numerous cases, they may need 300,000 warrants. That’s fine, they’ll get them once there is a precedent. It is appropriate in a society under the rule of law.What we need to get you to focus your binary mind back on is the other thing, the fact that not 300,000 but 3 million or however many terrorists and criminals in the world have invincible encryption. They ALREADY have this and ALREADY use it. Your moral blindness to this problem because it lies outside the binary of spread/not spread illusions is horrifying. Do try to focus. What is specific to this situation is the ability to kill people with impunity.

          11. Marcus

            Criminals are going to have invincible encryption no matter what. As an analogy, I’m in favor of reasonable gun control, but if it were possible to sit at a keyboard and download a gun in ten seconds I’d say “screw it, it really *does* only affect law-abiding citizens”.

          12. haliphax

            Where the hell did you get anything about killing people with impunity? I think you need to re-read the definition of impunity.

          13. Tommy Chen

            But they couldn’t ask them to create a master key for all their safes nor was the company burden with hundreds of request to assist them a week.

          14. LE

            Law enforcement was routinely able to compel the safe manufacturer to assist them to open the safes.Yes but that was a different place and time. I had made a comment re: “to big to compel” whereby these uber large companies (Apple/Google/Facebook) are way more powerful than a run of the mill safe manufacturer or even Archer Daniels Midland because your dead aunt knows who they are.

          15. Cam MacRae

            Government decides all this key keeping is inconvenient, and passes a law that requires all locked steel boxes to have a second entry to which the manufacturer has a key.

          16. Tommy Chen

            Apple has not and that is were most are misunderstanding. Apple handing over iCloud data is not the same as creating software to break in to encrypted data they do not hold the key to.

          17. bonnie1

            Exactly! Not the same thing.

          18. ZekeV

            The locked box analogy is wrong. That’s b/c no matter how well you build a steel box (or reinforced concrete bunker, etc.) there’s a way to gain entry that does not involve picking the lock, or requiring the manufacturer to build it with a hidden weakness.Also, encryption algorithms are speech. A lockbox is not speech (though possibly the designs for it are). The original “crypto wars” involved the Clinton government arguing that cryptographic algorithms are akin to weapons, or perhaps the plans for building really powerful weapons. But, that’s a different discussion from the more recently ignited crypto wars, I believe. Now we’re talking about this more as a privacy vs. law enforcement kind of thing.

          19. JLM

            .In both instances, there is a tool with which access is gained and this tool is accessed by the FBI using its legitimate law enforcement authority.I cannot get my arms around the notion that encryption is somehow “speech” if you use it in a Constitutional (1st Amendment) frame of reference.One can say whatever they want but that does not absolve them from the consequences of their words. In this day and age, the spoken word is still actionable as slander and one could argue that the reportage of an oral slander is actionable as libel.Neither slander or libel are apropos here but the idea that something being safe or unactionable or somehow protected because it is “speech” is simply not true.The privacy issue does not require a solution as this is simply a law enforcement matter in the face of probable cause. It does not have to address the greater issue.One phone. Two terrorists. Contents. Asking for assistance. Court order.JLMwww.themusingsofthebigredca…

          20. ZekeV

            No one cares about protecting the speech of the badguy. That’s evidence of a crime. The issue is what to do about the software that allows the badguy to hide his speech.

          21. ShanaC

            The problem isn’t terrorists. The problem is John Austin Walks into a Bar with a Gun, and says “Give me your phone and the back door key”What makes John Austin not the Law or a form of Legitimate Government*https://en.wikipedia.org/wi…* He came up with one of the most extreme formulations of legal positivism, including one explanation using a gun

          22. bonnie1

            The lockbox analogy is wrong in another very simple sense. The companies were compelled to open ONE safe – not invent a key that opens ALL safes.

          23. ShanaC

            technically dna could be seen as a form of encryption then.

      5. sigmaalgebra

        I want to be more clear:All the legal processes can be as they are or will be, but once the government gets my encrypted data, all they get is essentially many thousands of lines such as/9j/4AAQSkZJRgABAgAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAMaA8oDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3This is called base 64 encoding. Okay, what is here is the first parts of the base 64 encoding of a nice picture of Donald, Melania, and Barron. But with, in addition to base 64 encoding also have, Rivest-Shamir-Adleman (RSA) encryption, the base 64 data would look to a human eye essentially the same, just gibberish, and, moreover, any attempt to do anything with that data would be essentially impossible without my RSA private key.Now, I don’t know the legalities, but my guess is that I would not have to hand over my private key. Moreover, I could claim that I did not have that private key, that I forgot it, or lost it, burned it, or flushed it. And maybe legally I could just decline to answer. Whatever, the government would have a heck of a time getting my private key. And if I really didn’t have the private key, then it would be impossible for the government to get it.Then the math says, to decrypt that data is essentially the same as being able to factor into a product of prime numbers a product of two, large prime numbers, and considerable evidence is that no one knows a practical way to do that.Basically, then, my encrypted data is to anyone else just useless gibberish as in the example here.Governments can pass all the laws they want, but once I’ve scrambled that egg, no one can unscramble it. And Apple, Microsoft, Intel, smartphones, etc. aren’t involved. It’s just some math.

        1. JLM

          .It was not hard to decode.JLMwww.themusingsofthebigredca…

          1. ShanaC

            If the key was made with a mersenne twister in 64 bit, it currently would behttps://en.m.wikipedia.org/…

      6. ShanaC

        Personal Guess, the nsa is also doing it poorly, which opens a whole different can of worms

      7. bonnie1

        And sharing that NSA data with FBI, local police…..

        1. JLM

          .NSA is too high brow to share w/. the FBI or local police. They only work w/ the CIA, DIA.Look at the term of appointment of the head of the NSA. They outlast anyone.JLMwww.themusingsofthebigredca…

          1. haliphax

            They don’t have to intentionally share – the FBI can subpoena their records once they’ve been entered. Free for all ensues.

          2. JLM

            .The FBI wouldn’t know what records the NSA has or where they are kept.The NSA is a power unto itself. As is the CIA. They are both intel.The FBI is domestic law enforcement.The head of the FBI would go ask but it would be no assurance. Snowden cracked that egg.JLMwww.themusingsofthebigredca…

    3. Jaikant Kumaran

      Historically, phone companies have given a backdoor to law enforcement. Telephone switches have a feature called lawful intercept, which enables law enforcement to listen into phone calls. https://en.wikipedia.org/wi

    4. SubstrateUndertow

      We are entering new territory here !Encryption is a digital technology. It is all-on or it is all-off`, 1 or 0. That is the nature of the beast. Either the state/everyone can gain full remote microscope drill down on anyone powers or no one gets that remote microscope drill down on anyone power. This stuff leaks and we all know it!Our digital devices are becoming a virtue boi-extension to our brains/minds. If we were to invent a technology to read peoples thoughts should the state demand the absolute right to access our thoughts because after all the bad minds can not be allowed to go dark? This decision is that decision. The only question is whether we have the collective introspection to recognize that fact in its larger context.This is our digital network-effect “Magna Carta Moment”.Yes that decision is hard!Yes that decision will cost innocent lives !In the name of 2nd amendment rights Americans seem to be willing to absorb 33,000 deaths a year as the cost of defending that principle. Apparently 4th amendment rights have far less absolute democratic value than 2nd amendment rights. That seem totally upside down to me. Maybe went terrorism is consuming 33,000 lives a year you might reasonable start having that trade-off debate?The president’s argument”Before smartphones . . . . law enforcement can appear at your doorstep and say we have a warrant to search your home”Before smartphones the police could not do that search and seizure remotely and secretly without the person/target even being made aware of the states actions against them. Nor could they do it on a mass scale with iteration. Even more importantly the criminals could not mimic that search and seizure behaviour with opaque ease. Oh and by the way do all other state actors get the same access rights as the US government ?Maybe we should do a poll of Americans who grew up in East Germany. Their experiential sensibilities might be very informative here. Lets also appreciate the fact that these cyber-tools are orders of magnitude more intrusive/pervasive that anything the East German state had at its deposal. Oh thats right, it can’t happen hear just go ask Donald Trump :-)And when the inevitable distributive democratic-governance App-Tools start to surface, oh-boy talk about dirty tricks. That kind of shuts them down even before they arrive. As I say this is our cyber “Magna Carta Moment” !

      1. sigmaalgebra

        Not really: You seem to be considering essentially only commercial products such as an iPhone. Sure, maybe there will be a law requiring an iPhone back door.But: See my earlier post here: Each person with just beginner programming skills can have rock solid encryption totally beyond any laws or activities of any government or any other thing, group, or person. All governments could do would be to outlaw typing in software, and lots of luck with that. Do it yourself (DIY) and/or roll you own de/encryption can no more be outlawed or stopped than six egg omelets with butter and orange flavor from my own hands in my own kitchen.

        1. Fernando Gutierrez

          Exactly. It would only make average joe more unsafe, the real terrorist won’t care. If someone is willing to kill and want to use encryption (btw, most terrorist have been proven to use really unsafe comms), it doesn’t matter if it is forbidden, he will use it anyway.

          1. JLM

            .’The vast majority of communications, files, data being used by terrorists and professional criminals is being safeguarded in unauditable safe places like DropBox — just better and more “dark.”The reason is obvious — no audit trail of phone, text, email. Cloud protected and instantly destroyable.This is exactly the way the head of the CIA (Gen David Petreaus) communicated with his mistress. Love notes on a secure cloud based DropBox like app. He lied to the FBI about it and that was more than half of the reason why he ultimately pleaded guilty.JLMwww.themusingsofthebigredca…

          2. ZekeV

            Are you being facetious? From what I read, Patraeus left messages unencrypted, in the clear, on shared accounts with his mistress. This is the same technique that according to 9/11 report some of the terrorists used (leaving gmail drafts in a shared folder without sending). This is slightly more secure than sending an email, but obviously is not the dreaded black box or “dark” Internet.

          3. JLM

            .You may be confusing the facts.Petraeus took his “desk copy” of his work notes home and left them in a desk at his home whereupon his biographer/mistress consulted them.The contents were highly classified.He was charged with failure to safeguard classified information.[BTW, information is classified. Documents which contain classified information are also classified. “Position” documents — e.g. the notebooks of a 4-star general or the musings/emails of a Sec of State) — are always classified. Some are classified at a “housekeeping” level and then raised after the fact.Paula Broadwell, the writer, was writing a biography of her man and there is no evidence that she actually used the material. It does no show up in her laudatory book.The FBI thought they were emailing but, in fact, they were communicating with docs left in cloud based files. This is what Petreaus lied about.JLMwww.themusingsofthebigredca…

          4. ZekeV

            I read (in Slate, which may be misinformed and often is!) that they communicated using shared email and dropbox accounts, without bothering to encrypt their communications. That is, their info was available in plain text both on the server side, and to anyone who could obtain their login info. Unfortunately it is not terribly surprising that an otherwise accomplished military figure would nevertheless engage in risky behavior when it comes to securing info about his risky personal behavior.

          5. JLM

            .You are over complicating the analysis. Soldiers engage in the 3 F’s.Fighting. Feeding. Fornicating.He was on #3 and in twenty seconds ruined a reputation that took thirty years to build.Slate?I can assure you that the head of the CIA is not using gmail.JLMwww.themusingsofthebigredca…

          6. Fernando Gutierrez

            You’re the only person I know that has several sets of triple Fs. I’ve read you before Flies-Floats-Fornicates and now Fighting-Feeding-FornicatingCompletely off topic, I know, but I could not resist 😀

          7. JLM

            .Civilians v soldiers. Notice the commonality of fornication.JLMwww.themusingsofthebigredca…

          8. Fernando Gutierrez

            I was gonna point that out, but I felt I had already derailed the discussion enough… and I knew you would 🙂

          9. ZekeV

            From the Wall St. Journal:”They learned that Ms. Broadwell and Mr. Petraeus had set up private Gmail accounts to use for their communications, which included explicit details of a sexual nature, according to U.S. officials. But because Mr. Petraeus used a pseudonym, agents doing the monitoring didn’t immediately uncover that he was the one communicating with Ms. Broadwell.”

          10. JLM

            .Petreaus has always maintained that he and PB were not intimate until he became the head of the CIA which many find not bloody likely as she visited him in A’stan many times. She was a West Pointer with a high security clearance.There were two different inquiries — the PB Jill Kelly investigation and the investigation when the FBI stumbled on to his communication style when he was head of the CIA.I concede the point that if the WSJ said it, it has to be true.JLMwww.themusingsofthebigredca…

          11. PhilipSugar

            Maybe a server in somebody’s basement….

          12. LE

            Paula BroadwellNotice how her name would be great for some cheap novel.”Broad” (woman) – “Well”. (“Well” can mean “good” or it can mean some depository for semen).Also for that matter “Petraeus” (“betrayus”)

          13. Fernando Gutierrez

            Not sure if really more dark in all cases. What I read about Petraeus and mistress is that they just used the draft folder in a gmail account!

          14. JLM

            .Do you think the head of the CIA is using gmail?JLMwww.themusingsofthebigredca…

          15. Fernando Gutierrez

            Not for his job I hope, but maybe for communicating with his mistress. I know I read that somewhere, but you never know the trustworthiness of media. I would think that someone with such a job would know better, but Brennan used AOL and Hilary Clinton her own unsecured server, so I’ve lost all faith on certain kind of people.

          16. JLM

            .All of those things require a SPECIAL KIND OF STUPID and elitism of which there is no shortage in DC.JLMwww.themusingsofthebigredca…

          17. Fernando Gutierrez

            Humans are stupid, even outside DC. That is why I distrust government, law enforcement or the pope to keep anything safe. They will fuck up.

          18. ShanaC

            Dropbox is auditable under the right circumstances. They sell to law firms!

    5. Greg Naughton

      It’s like saying, you can’t design your product using these strategies, because they lock everybody out. Physical law always trumps every other feeble human-bound concern. If an algorithm is stronger than practice, so be it.I would like to point out that thusfar the NSA have demonstrated at every turn their aim to misrepresent the extent and aim of how they use and collect data. Basically their strategy is to admit to one thing for every ten they scoop into their tax-payer operated data centers on the down-low. As long as nobody catches them, they believe from their pov it’s both ok and legal. The protections afforded by the US Constitution have been completely subverted by bad actors.

      1. JLM

        .You are vastly understating the capabilities of the NSA. Look up how long an NSA head is appointed for and ponder why.JLMwww.themusingsofthebigredca…

        1. sigmaalgebra

          Still I doubt that the NSA has found a practical way to factor a product of two large prime numbers, and that simple, blunt fact solidly means that anyone with just minimal programming skills can tell everyone else after that person’s encrypted information to go pound sand, suck sewage, play pocket pool, cry in their beer, throw a tantrum, or anything else they want that is useless and irrelevant.

          1. ShanaC

            No comment about factoring…..

          2. sigmaalgebra

            I have recently received a truly marvelous way of quickly factoring large integers into a product of primes, but there is no room in a post here to give the details.

          3. ShanaC

            no comment because I may or may not have connections to people who may or may not end up in places like State, DoD, NSA, and DARPA/IARPA – short and long term hiring.This shouldn’t be surprising – the various military-intelligence branches of the government are THE LARGEST recruiters of new mathematics phds who do not end up teaching/post-doc track, depending on the area of the phd, who are definitely US citizens. The biggest problem is that many do not want to stay more than 2ish yearsl because they thinking working for the government sucks. n fact for some math phds, they are more likely to go into government after graduation than go into finance or tech or teach.In fact the fact that they do rexcruit is very very publichttp://mathbabe.org/2012/08…They OBVIOUSLY have new factoring methods/better versions than what is talked about publicly. The extent of what kind and how they work… that’s actually a national secret, unless you get a lot of people drunk and are really charming. And I don’t get that many people drunk, thank you.

          4. sigmaalgebra

            BTW, I responded to an LE post about being Italian. Disqus got totally confused; it deleted my post; I kept resubmitting; it kept deleting; about an hour later all my submissions appeared. For the duplicate submissions, I deleted the text, but the images from the URLs of some still images and some video clips at YouTube still appeared. So, sure, please delete those versions with no text.FermatShana, to be clear to others, my post you responded to was a take off on Fermat’s remark about his last theorem in the margin of a book.Factoring IntegersFor finding a significantly better way to do factoring of integers into a product of primes, I can’t believe that any government agency has anything or will have.Why? In short, from huge experience, such research just doesn’t work that way.For more, we have to keep in mind, the problem of fast factoring has been of high interest in number theory since the ancient Greeks.Broadly there are two cases, (1) a simple solution and (2) a complicated solution.(1) Simple Solution.Might some guy have a bright idea in the shower and come up with a just totally unexpected, astoundingly clever, brilliant solution?Nope.Why? Essentially every interested math student since the ancient Greeks has tried to do just that and failed.No doubt Gauss and Fermat tried.Just from empirical observation, there is a fact of life about simple solutions: There are only a few of them, and for any important problem every good researcher who tries very hard just comes up with the same old ones.Let’s have some examples:(A) The rationals are countable. Sure, use the Cantor diagonal process.(B) The reals are uncountable. Sure, Cantor again.(C) The continuum hypothesis. Yes, do what P. Cohen did, essentially forcing.(D) Every vector space has a basis. Of course, use a version of the axiom of choice.(E) In a separable metric space, each closed set is the union of a perfect set and a set that is at most countable. Consider points each neighborhood of which has uncountably infinitely many points of the set.(F) There are no countably infinite sigma algebras — another simple use of uncountably.(G) If there is a countably infinite basis for a vector space, then there is an orthonormal basis. Just Gram-Schmidt.(H) There exists a function that is differentiable everywhere but whose derivative is not Riemann integrable. Yup, realize that a function is Riemann integrable if and only if it is continuous everywhere except on a set of measure 0. So, need a differentiable function whose derivative is discontinuous on a set of positive measure. So, start with Cantor sets of positive measure.(I) A uniform limit of continuous functions is continuous. Sure, a 3-epsilon proof.It goes on this way: For famous results with simple solutions, there are no more than a few solutions and they are all commonly reinvented.Lesson: For fast factoring, there are no simple solutions.(2) Complicated Solution.(A) Okay, there was Fermat’s last theorem. A. Wiles knocked that off and just won the Abel prize.But Wiles stood on the shoulders of giants, that is, made use of a major subfield of math constructed by many researchers. Moreover, some of the leaders in that field sensed, smelled, etc. significantly in advance that the approach Wiles took would work.(B) G. Perlman knocked off the Poincaré conjecture, but last I heard people at Courant and elsewhere sensed, smelled, etc. well in advance that the approach Perlman took would work.(C) In 1945 Kakutani observed that a Markov process could solve the Dirichlet problem. Then, 30 or so years later, from Getoor, Doob, and others, the work was all well polished. All the 900 pound gorillas in the field knew that Kakutani was right for many years.Lesson: For a big famous problem with a complicated solution, the solution has to stand on the shoulders of giants in a significant sub-field of math, and there the 900 pound gorillas will see the possibility of the solution well in advance.Well, the mathematicians who take jobs in Fort Meade, MD are not the 900 pound gorillas in number theory.So, when there is a possibility of fast factoring, the 900 pound gorillas in the appropriate subfields of number theory, etc. will know about it and do it, and then the rest of us will be able to read about the solution on the front page of the NYT.More generally, running a good research shop and hiring good researchers is not easy. By a wide margin, the best at this challenge are the best research universities. With a few, rare exceptions, business and government are just hopeless.E.g., nearly no one in business or government is a good researcher, and, thus, nearly all the people in such organizations think that a good Ph.D. program in a world-class research university is something like the school they knew in K-12, college, MBA, etc. Nope. A good Ph.D. program is about just three things — research, research, and research.Indeed, the best US DoD and DoE research labs are in fact run by universities — Los Alamos, SLAC, Argonne, Oak Ridge, JHU/APL, etc.

          5. ShanaC

            I’ll fix the wierd comment issues, and if I can’t I’ll send it to the helpdesk at disqusThe Fort Meade people are jokers. None of these people are necessarily at Fort Meade.There are definitely number theorists (and others), including up and coming ones, who go back and forth involving DoD type work part time, even if they have full time appointments elsewhere. Or they start in the NSA, get an assistantship, leave, ect. Grant money is grant money. *shrug*And it sounds like A. Wiles definitely deserves the Abel Prize this year :)Who do you know at courant?And remember – now that amazon has Secure Servers that are in the US and you can choose to only use those, the US government also uses them too. Fast becomes slightly more open ended vis a vis cryptography when you can get a lot of parallel GPUs up and running on Amazon paid for by the US taxpayer.And as I said, there are reasons I think what I do, and I stand my previous may or may not comment

          6. Prokofy

            Did you state your position on the Apple v FBI controversy? I didn’t see it. Are you for cooperation as Fred is?

          7. ShanaC

            nope. I did not

          8. ShanaC

            Also as food for thoughtFermat’s last theory was proven in 1994, when my brother was 4. My brother is now entering an applied math phd program. I would have been 7-10.My fiance is one year older than me, and while he isn’t a number theorist, UMich does graduate number theorists from the phd program. He’s had post docs and significant research.So in that time, a whole generation of younger mathematicians, including number theorists entered a world where as soon as they became conscious of math for reals, Fermat’s Last Theorem was already proved, and they were working on totally different problems. Plus nearly all of those mathematicians came of age during a phd program timing where Amazon finally was starting to release computing power via API, as well as the development of theorem provers via Coq.Even if they are building on the shoulders of giants, and everyone gets a wide view before it happens, the environment they are in would make it guessable that they could factor, because they have a very different toolset to try compared to 1994.

          9. Prokofy

            The government should work harder at attracting these people, who are smarter and more educated and more able to be reasoned with than crypto anarchists among script kiddies and uneducated hackers like Snowden. Currently Hayden and others talk about the need to recruit hackers for the CIA or NSA and essentially “turn” them and “make them do good.” History shows us they don’t turn and don’t do good. Mathematicians might, although there are some notable bad apples there.What would it take for mathematicians to become more civic-minded? If high-paying secure jobs are not enough for them.

          10. ShanaC

            It isn’t the security of the job as much as the following1) compared to a finance job/startup job/tech job, they are in some ways underpayed (in some cases, the benefits are better, in many cases, worse)2) A lot of people want to work in the open and collaborate on open papers – unless you are say somewhere like Los Almos, you can’t do that. A really good example of this is that there is an NDA on my fiance for something involving the government that my fiance did as a grad student interning that would put him among the earliest people doing some very specific areas of math and data that are now very popular techniques. That NDA will expire I think this year, but if it never existed, his resume would have looked very different coming out of grad school, and both his academic and non-academic job offers would have been different, as well as long term choice of collaborators. (It all worked out fine, it just is interesting to note that things would have been very different if it were not for those policies)3) Not everyone agrees with the use of the math in the long term, even if they are civic minded. Some people will not take jobs for that reason alone, or only do specific kind of work with the government, because that is how they feel. They are happy to help the government do genetics research to increase public health, but no spying. Unfortunately, that may not be where the jobs are. Such is.

    6. David Semeria

      Well played, JLM.As you say, we’re putting our faith in the judges to uphold the constitution, not the government.

  6. Salt Shaker

    Hallelujah! It’s okay for companies to exploit your data for financial gain but it’s heresy to use it to catch potential terrorists who want to kill innocents. IMO there’s a fair amount of industry hypocrisy here by all the major players (APPL, FB, GOOG). APPL now derives 2/3 of its rev internationally, with China its biggest growth market. Post-Snowden there’s perhaps even less trust of the U.S. Gov’t overseas than there is domestically. I’m a fanboy and a shareholder, but let’s not lose sight that this is just as much, if not more, about APPL protecting its biz and international growth than adhering to constitutional imperatives.

    1. christopolis

      Yes, it is all about those terrorists who were using Facebook to communcate.oh and drug dealers. oh and then maybe a political enemy or two”A federal judge on Monday rejected an FBI request to order Apple to open the iPhone of a drug dealer “

      1. Salt Shaker

        Probable cause is the issue. No one is advocating a police state here. A judge will determine if there’s probable cause and whether the need for public safety trumps privacy. Don’t know the specifics of the case you cited, but it sounds like the system worked.

        1. christopolis

          yep. once they have the power they will absolutely go to a judge to use it.Just like the NSA. Good golly.

        2. LE

          No one is advocating a police state here.Some of the discussion online about this (for example on HN) is most certainly being driven by tech people who comment and live in other countries that are quite different either currently or in the past with respect to government abuses. As such they voice an opinion here and are able to change the mind of some of our citizens.

      2. JLM

        .Which should give folks a sense of security that gov’t requests are not being rubber stamped by the judiciary, no?JLMwww.themusingsofthebigredca…

        1. christopolis

          Your trust in government which is a collection of millions and millions of people each with their own agenda is truly confounding.

    2. LE

      if not more, about APPL protecting its biz and international growthI am wondering to what extent this is also driven by Tim Cook being a recently out of the closet gay man. I can see someone who has had to go around with a hidden secret for all of those years being somewhat biased toward privacy in a way that others might not be. Ditto for the fact that Apple for many years was a notoriously secret company with products under Jobs and it formed the basis for some of their success.

      1. Joe Cardillo

        Possibly, but (while we’re speculating=) maybe a big factor was also the decade plus of having to respond to secret requests from gov’t agencies that were on fishing expeditions. Narrow + tailored was always the wiretapping / warrant threshold, and there’s plenty of evidence that FBI and others saw in web + mobile data an opportunity to do massive data collection (which may or may not be that useful) with very few constraints or explanations…PATRIOT Act being one of the biggest examples of massive power with “hey it worked and we stopped terrorism but we can’t provide any details whatsoever on how” type results.

      2. SubstrateUndertow

        Please ! ! ! ! !

        1. LE

          Please what?

    3. Sean Saulsbury

      “exploit your data” — sorry, you don’t get to claim this when you voluntarily provide it to them.

      1. Salt Shaker

        Oh please, how many people fully comprehend or vet a company’s privacy policy? Most would be shocked to learn how widely disseminated their data actually is. In many, many instances, there’s a lot more inherent trust there than is warranted.

        1. Sean Saulsbury

          You don’t seem to have a problem comprehending it. If you can do it, I’m know others can too!

        2. p3825

          Wait, are you sure you want to go there? How many people fully comprehend when a police officer says “We are not trying to charge you with anything. We just want to talk to you.”There is no reason law enforcement should get to use a “mind channeling machine” to look into the minds and thoughts of whoever they want. There is no crime in communication and if someone commits physical violence, then there should be actionable evidence without going into mind reading (which is essentially what the anti-privacy people are asking).https://youtu.be/6wXkI4t7nuc

          1. Salt Shaker

            You’re conflating issues. We’re talking about a warrant issued by a court judge based on probable cause, not about some cop on the street. Oil and water.

          2. p3825

            You were the one who brought up “how many people fully comprehend or vet a company’s privacy policy?” well how many people fully understand all the ways prosecution can pin you with a conviction?These are not different like you say “oil and water”. We all know about overzealous prosecutors. We do not want otherwise innocent people convicted (or worse forced into a bad plea bargain) because of unrelated things found in the defendant’s phone.But let’s say you don’t care about innocent people going in prison or guilty people getting away. How can anyone build a backdoor that only opens with a legal court order? I am very disappointed in President Obama as well as in Fred Wilson because we all know this cannot be done. I’d love to be proven incorrect here. Thank you.

          3. Salt Shaker

            There’s hypocrisy in how your data is already protected. It’s there to monetize, not to protect. Our system is flawed, admittedly, on many, many levels. I’m an advocate of fixing it rather than continual condemnation.

          4. scottythebody

            This isn’t about the data on Google’s servers that is being monetized. This is about an individual’s personal data on her own device. Totally different thing.

          5. LE

            You (and I) are arguing with people who came over from either Hacker News or reddit. As such they have been brainwashed by what they have read over there time and time again. Ever hang out there? It’s total anti government in every way possible. You’d think they were rounding people up and charging them with crimes each and every day “see it with my own eyes”.While there is truth to some of what they are saying of course, most of them are probably simply taking it with no nuance at all in terms of actual practice in real life. The devil is in the details.

  7. iggyfanlo

    As usual, the President has a thoughtful, well considered opinion and it’s the proper prescription for this country

  8. Emily Steed

    I agree with you Fred. 100%.

  9. Kurt Stangl

    This is yet another issue where everyone is concerned on how the government collective is going to deal with this in a climate of the government continuously demonstrating themselves to make poor decisions. Our lawmakers en mass often appear, generally, like a ship of fools. Regardless of the intelligent discussions that are happening, the machines of our governance need to spend more effort trying to be competent.

  10. Steve_Dodd

    Fred, thanks for calling this out!!!! Your perspective is right on! We’re all in this together and need to start thinking like it instead of being so self serving. Thank you sir!

  11. Fozdex

    “If society thinks someone is doing something wrong, and if law enforcement can get a warrant, there should be a mechanism to get access to our devices.” True. Unfortunately it is the government who has subverted this mechanism by asserting extra-judicial powers to raid our information with impunity. Until there are transparent checks on this power, tech companies have no choice to include encryption protections in their technology because they are the only way to protect civil liberties.

  12. pointsnfigures

    I recall your other post and my initial reaction to it. I read Brad Feld’s post, and other posts on the issue. I also saw where Apple was working with the Chinese government, and how there are other phones out there that the US govt wants them to break into.I rarely agree with our current President. But, in this case I agree with Rand Paul and him at the same time.Get a warrant. Go before a judge and make your case. The judge represents the people. If the judge issues a warrant, then unlock the phone.However, I am very sensitive to what Brad talked about. Once it is known how to unlock the phone, there might be no stopping that code from getting out into the mainstream. Then no one’s privacy is safe. I want to know a lot more about how to manage that before I agree to going ahead with a warrant.

    1. Pranay Srinivasan

      This is exactly my argument. (Courts are much less honest in other countries who might gain access to your data in your iPhone)

    2. LE

      Once it is known how to unlock the phone, there might be no stopping that code from getting out into the mainstream. Then no one’s privacy is safe.That’s a red herring. First and foremost you have no privacy as Scott McNealy said so “get over hit”. Second this idea that Apple can design the products that it does but there isn’t a combination of both a technical and operational way to make this work is absurd. (Secret room with eyeball scanners at Apple?) Of course there is a way to design a device and keep the secret sauce under wraps. People should be more worried about some rogue element in a foreign country breaching nuclear launch safeguards and the results of that happening then having their stupid fucking credit cards and “important” data on their cell phones hacked. Or the electrical grid being hacked.

  13. ZekeV

    The mainstream discussion on this issue is full of misinformation on both sides.Yes it may be possible to build a key escrow system that allows for snooping based on legal process, and critically, without using a weakened crypto implementation. Badguys may be able to gain access to the escrowed snooper keys, but this is not a “backdoor” in the sense of encryption with a systemic mathematical weakness. So I think it’s possible some version of Albert’s suggestion could “work” (leaving aside the question of Constitutionally-protected rights).On the flip side, to call e2e encryption proponents “absolutists” doesn’t get us anywhere. It is like calling Ben Franklin a free speech absolutist. Should I be compelled to recite the private contents of my thoughts? That’s what this is about. Or if you want to quibble with this formulation, you might say it’s about whether giving up encrypted comms is equivalent to the private thoughts in one’s head. I think that it is.The government does not need to mandate key access in devices, in order to catch badguys. There are other ways, just as there were before the advent of widely available encryption software / public key cryptography. If two badguys like to meet up in person to have a personal conversation in a crowded bar, are you going to mandate that bars install hidden microphones? Well yes — if you’re the East German Stasi, or something.The danger that I think Fred overlooks: government will pass laws that make it impossible to own a general purpose computer. No “manufacturer” of such a device will be permitted to let users run their choice of software. It will be mandatory to use government-approved hardware with a firmware blob implementing the warrant-key access functionality. This seems contrary to the Internet / computing freedoms that are normally advocated in this space.

    1. Kris

      > Yes it may be possible to build a key escrow system that allows for snooping based on legal process, and critically, without using a weakened crypto implementation.Correct, you could use PGP to satisfy the use case of escrow keys but Albert’s idea is still highly insecure for reasons outside of the encryption algorithm.First, multiple parties now have access to this universal key. All device manufacturing is done in China; why wouldn’t the Chinese government require all of these unique keys to be recorded?Second, the way PGP works is the data is first encrypted with a randomly generated key then each person with access to the data uses their key to encrypt the data’s key. This would mean a device coming from manufacturing with an already set key will lose its escrow key unlock-ability should the user reformat the device (you’d have to get the escrow key to re-lock it after replacing the encryption). If you didn’t allow the ability to re-format then essentially if the user forgets their code or password the device would be bricked.This doesn’t even begin to figure out how you take a key generated during manufacturing and return it back upon lawful request. How are keys transmitted from China or America for this claim? Don’t forget the Chinese government can now also unlock all phones because they can compel the same company to release the key to them for each device they want access to.This entire argument is a shit-show. It’s simply not possible to do this in a secure way.

  14. kevando

    Yeah. Obama also said this in this in the same speech.”..discussions of encryption had become more difficult since the revelations of Edward Snowden..”http://www.theverge.com/201…

  15. mrclark411

    I think a big part of the pushback to President Obama’s position is that Mr. Snowden showed us that the government abused current powers (not seeking warrants and surveilling US citizens using military/spy agencies). Why would we authorize even more of this?

    1. LE

      I have yet to see how the governments abuse of those powers detailed by Snowden impacted anyone that I know or anyone in a way that I have read about anywhere. Period. Of course government abuses power. [1] Why do you feel that a little abuse of power in itself (if it prevents something much worse from happening) is bad? I don’t.As I have said before this idea that the government can and will use all of the info they slurp up is absurd. They don’t and never will have the resources to do that.And in any case despite whether you or anyone agrees with what I am saying the fact is that what Snowden did was illegal and he had no right to handle the disclosure of this info in the way that he did. Period. And not that is not a contradiction of what I am saying regarding the government.[1] Just like businesses cheat you. The idea is you just hope you aren’t ripped off or deceived to much. And of politicians act with their own agenda and in their own self interest. Just hope they are not to much of a pig about it. Employees? Hope they don’t cheat to much on their expense reports. People are not perfect of course people will stretch the limits of what they will try to get away with.

  16. LIAD

    #1 the argument:’law enforcement have always been able to access our stuff in the past thus should always be able to do so in the future’seems to me just as dogmatic, absolutist and unreasonable as the opposite”now we can stop law enforcement ever accessing our stuff it’s absolutely right to do so”#2 analogue age rules don’t always fit well in the digital age.there are some very reasonable concerns over misuse of powers that only exist in the digital sphere and need to be looked at sympathetically.#3 the president is completely right though about it being prudent to try and fix the roof at a leisurely pace whilst the sun is shining as opposed to being forced to do it violently during a hurricane.

    1. Andrew Graziani

      You make a good point about the increased risk of broad surveillance in digital world that was practically impossible in the analog one. It seems to me that the only real-world way to deal with that reality is judicial oversight. All of the other alternatives strike me as too black or white.

  17. Tom O'Keefe

    Without weighing in on the core point of contestation here, or the more vitriolic parts of this exchange, I’d challenge you, Fred, on the claim that this legal “framework… has worked in our society for hundred of years.” What about the Alien and Sedition Acts (or the bizarre current use of the All Writs Act)? Or Jim Crow? Or the jailing of leftists during World War I? Or McCarthyism and blacklisting? Or COINTELPO? Or slavery, which was, after all, propped up by a legal system that functioned in this country as a whole until 1861? The list of law enforcement violations of our basic rights could go on for a long time. As for Obama’s point, I have great respect for his intellect, and some remaining hope regarding his underlying intentions, but in the form of the programs Edward Snowden’s revelations laid bare, there are already “dangers to our civil liberties”. Neither blaming Obama for what very well may be out of his hands, nor accepting at face value Apple’s claim as principle- rather than profit-driven, but think it’s important that we stay critical about our collective history lest we inadvertently exclude voices that need to be heard.

  18. bobmonsour

    While I agree with Fred, I think that a major challenge has emerged since the Snowden revelations. The degree of trust in our government (law enforcement, NSA, etc.) has declined dramatically (not that it was that high beforehand). The basic assumption being made by both the President and Fred is that whatever solution is developed will not be misused in order to undertake things like mass surveillance. We are one of the few countries that seems to be grounded in the rule of law. As we lose trust in those who are in charge of creating and enforcing those laws, it becomes very difficult to bring the two sides together to develop a solution. But, like Fred, I think it’s vital that we rise above the lack of trust and find a way forward before the loonies in Congress come up with more of their less-than-thoughtful answers.

    1. JLM

      .Almost everything that Snowden revealed had to do with intelligence gathering and not law enforcement. He was a contractor for the CIA not the FBI.JLMwww.themusingsofthebigredca…

      1. bobmonsour

        My point was about trust and the lack of it, in government, whether it be law enforcement or intelligence gathering. My sense is that the fear of mis-use of any of these tools by “government” is what is driving the absolutists.

        1. JLM

          .It is very deep and I agree with you.I love my country. I served my country.I do not trust this gov’t.JLMwww.themusingsofthebigredca…

  19. christopolis

    We also need to do something about fires and hammers!

    1. SubstrateUndertow

      Don’t forget cars and crowbars 🙂

  20. Humberto

    its not absolutism. the government has never, ever had a right to demand the lock for your locker, your home, etc. They can try to break it down, but its on them to do it.

  21. OurielOhayon

    +1 fred. 100% agree with you.

  22. JoeK

    Ultimately, there are 13,000 gun deaths a year in the US, and yet the US legislature has proven incapable of taking any of the obvious steps to reduce this number just to placate the beliefs of some.Isn’t encryption a red herring here?These two individuals easily bought over 5000 rounds of ammo and a couple of assault rifles, and yet we are now pushing for the governments worldwide to be able to access anyone’s phone, at any time, for any reason (warrants overseas are abused on a daily basis by authoritarian regimes).

    1. christopolis

      is the government going to need access to 8000 gun deaths from people commiting suicide as well? that 13,000 number is bogus. Why flaunt it?

      1. JoeK

        Of course the suicide numbers matter too – they are as harmful and traumatic to the fabric of our society as deaths at the hands of maniacs. Every year hundreds of teenagers in the US kill themselves using weapons owned by someone else. Suicide is the second leading cause of death in the 15-34 age group in the US.

  23. LE

    But my meta point here is that I am saddened by the tech sector’s absolutist approach to this issue.Agree 100%. Reminds me of rejection of common sense gun laws by the gun lobby and the NRA. [1][1] Although I understand at least strategy wise why they (gun lobby) act that way. With the tech lobby I see it more as a “revenge of the nerds” situation whereby techies enjoy the power that they have over people. Which has always been the case by the way. It’s partly a power play and partly a marketing play (which is not the case with the gun lobby).

  24. LE

    I for one despise how these large powerful US companies (Apple, Google, Facebook) are able to thumb their noses at the requests of the US government in ways that a typical company would never be able to do.As a result of:a) having gobs of money to pay the best lawyers and b) a large customer base c) a large footprint media wise as a result of “b”.Not something that a typical company, even a large one would be able to pull off with only two of the above three factors.

    1. 181

      Considering how the US government thumbs it’s noses at the Constitution and Bill of Rights, I’m glad the people have SOMEONE representing their Constitutional rights.The NSA was already caught illegally spying on all Americans yet not a person was punished for it.

  25. RichardF

    Your probably right but western governments haven’t done themselves any favours. The assumption for many people in the tech sector is that the NSA and GCHQ are a meaningful start of a big brother state and that civil liberties are being eroded under the justification of the prevention of terrorism.

  26. christopolis

    says the guy invested in duckduckgo and bitcoin, Do as I say not as I do!

  27. TeddyBeingTeddy

    The only thing we have to fear, is fear itself…and the people afraid of authorities knowing the contents of their phone (e.g. terrorists, child porn freaks, and various other criminals).

    1. Collin

      Uh, no. Not even in the US is that true, but you also forget the fact that there are terrible regimes all over the world that would use this access to terrorize political opposition, dissidents, LGBT activists, people fighting for women’s rights, etc. This whole idea that the only people who want privacy are bad actors looking to hide illegal activities is patently absurd.

      1. TeddyBeingTeddy

        If you were a bad actor, where would you act badly…in a country where legal authorities cannot access your info…or in a country that could? To Fred’s point, why aren’t you protesting about search warrants – or car searches at the boarder? Or the TSA at LGA? Wake up, the very reason you feel comfort in the US is because so many folks are working tirelessly trying to protect it, and part of that is by exposing bad actors.

        1. Collin

          I’m not objecting to those unreasonable and BS searches? That’s news to me. Privacy is more important to me than some pretend sense of security. We’re already basically living in a dystopian reality, but I’d like to prevent the future from being worse.

  28. giffc

    Albert’s post, especially with splitting the keys, is reasonable but what keeps me on the opposite side of this position from Obama (and I guess Fred) is the amount of information that is now available. Physically wiretapping a phone was laborious and only presented limited information (and criminals knew how to work around that too back then). But the amount of data being collected on us now is huge. And trying to preserve some sort of safe back door with complex schemes… well in my experience once security starts getting overly complex, humans start doing workarounds which defeat the entire purpose and expose even greater risk. A surveillance society cannot be a free society, so I think this is too dangerous.

    1. Salt Shaker

      Re: A surveillance society. Not sure where you live, but in most major cities today you can’t walk two feet without being surreptitiously videotaped. Not advocating, per say, just stating facts and reality.

      1. LE

        Yeah I was going to say the same. Committing crimes is not what it used to be. Imagine that you decide to commit a murder or some other gross crime? What’s the chance of not being picked up by a million security cameras as you drive to do the deed?One of my rental properties has several tenants in it and one tenant is a psychiatrist. Toward the end of the year for tax reasons I decided I wanted to install cctv cameras in the building to monitor (for safety reasons) what was going on. There are a few women that work late at night and the door is always open so I thought it was the right thing to do (in addition in all honesty to the tax advantages). I wouldn’t want to work there as a man with an open door but that is how these professionals operate (good neighboorhood).So I send out a letter saying I would be doing that and one tenant freaks out and says it will violate HIPAA to have the camera. I bat that down and he gets his lawyer involved who attempts to find some angle that the law will be violated. Since I only had a few weeks left in the tax year and didn’t have time to fully vet the issue I dropped it.Bottom line? I suspect the psychiatrist tenant simply didn’t want his own behavior monitored and that was the reason that he freaked out (reason being he didn’t like any potential modifications to alleviate the HIPAA issue that I mentioned). He simply protested to quickly and to much.

    2. ZekeV

      I am skeptical that the actual legislation on this would fit Albert’s ideal prescription. Also am highly skeptical that tech companies would implement such a key-splitting or multi-key system in a secure manner, even if theoretically it is possible.

    3. ShanaC

      to some degree, you’re only a surveillance society if you notice the surveillance (hence the whole point of a panopticon)Do people notice the types of panopticons and how they work, what they, ect?

  29. Rob Underwood

    I think the presidential election dynamic comes down to two root issues:- The absence of “robust” growth in wages – flat and even declining wages in some sectors and segments of the job market, coupled with a sense that those “at the top” are hoarding profits to themselves- A near total breakdown in trust in institutions, both private and public.Of course these two issues are related and conflated, and the left and right propose different remedies.Bringing us to the topic of the day, I think this lack of trust, already evident in the comments so far, is clearly a big reason so many are unable to accept even some small concessions to the government (and a corporation as well – Apple would have to keep its hack of its own software safe) in order to fight terrorism. Far too few believe the government or corporations can or will do the right thing.On privacy and tech, I find myself agreeing with Fred in general and in abstract — that we need some mechanism akin the search warrant/house comparison. But I also find myself very sympathetic to the case made by John Oliver last night specific and limited to the Apple/San Bernardino case – namely Apple’s creation of a back door on the fly would 1) would create a precedent sure to be requested of other prosecutors and officials immediately (the Pandora’s Box/slippery slope) argument, 2) create a hack that would inevitably be disclosed and misused, and 3) open up our devices to misuse not only by criminals but also “bad actors” from foreign governments. I guess I too suffer from the afore mentioned lack of trust.Ultimately the real shame is the effect that the bad behavior of the privileged and entitled, both in public and private institutions, has had on public trust. Perhaps this is the moral hazard about which we were warned?

  30. Brandon Burns

    **applause**

  31. harvestgrand

    So, the government is saying “It doesn’t matter what lengths you go through to protect your data, when we want access, we get access.”

  32. ErikSchwartz

    Encryption is just mathematics and politicians can’t really make laws about math.The tech industry piece of this is a red herring.

    1. Twain Twain

      The ideas of law-making and government were formed to be extensions and encompassment of our good, ethical selves operating in open, civil society (from Plato to Locke to modern-day thinking).Yet it’s the machines that now are our extensions, set the rules, arbitrate and decide upon our ethical behaviors.Maths has its definition of ethics — “Who’s a good or bad actor” (e.g., applied in insurance) and “How to win in Go” based on probabilistic optimization — which is different from government and society’s definitions of ethics.Over time, we’ve ceded that maths and the machines knows better than everyone — including the most powerful people on earth — because maths is purely objective and we human beings are too irrational, emotional and biased to know better.

      1. ShanaC

        Applied math does.Pure math kinda just exists in the neoplatonic sense

        1. Twain Twain

          Pure maths (e.g., algebraic sets and ring theory) also ends up frame working the dimensional spaces in which those applied maths techniques operate.

          1. ShanaC

            True, but they treat that frame as a make believe neoplatonic thing, whereas the applied people don’t. Mentality is way different.(watching someone make that switch while still technically working in pure math… there is a huge difficulty in the beginning connecting to “the real world” as opposed to “neoplatonic self” as you watch the gears in head grind)

  33. Anne Libby

    I’m going to side with the nays.The President’s “what if X were to come to power” argument is fear mongering and not helpful.The course of this century in America has shown us that when X comes to power, they’ll do what they do. If we don’t like it, we can only act and speak in ways that we think will serve to dampen the next swing of the pendulum.

  34. tnic99

    Hypothetical situation for anyone who disagrees with Fred’s premise that a balance is needed between privacy and security.Government agents learned of plot to detonate explosives that would completely destroy a home while the family slept inside. They know exactly the time and date this will occur but they don’t know which home in the U.S. is targeted.Scenario A: The government learns illegally that it is your home. Would you want the government agents to warn you in advance?Scenario B: The government learns legally through a court order that it is your home. Would you want the government agents to warn you in advance?Scenario C: There is a phone that happens to have the information that it is your home, the government has a court order to search that phone but is unable to do so because the data is encrypted. Would you change your stance on privacy just this one time or hold your ground on principle?

  35. BillMcNeely

    I think this is the case of the government (NSA) having abused their power in the near past ( Snowden) the tech companies are responding in kind. Not right or wrong but every action has a reaction not always positive.

  36. William Mougayar

    I’m all for discussing and debating ideas, but I get worried when we start to impose excessive laws & processes on 99.999% of us, when they are modeled after the .001% bad actors.The trick is that this gets done without undue friction and without introducing other risks & complexity.I’d like to hear more real examples of cases where unlocking someone’s phone proved beneficial to catching or indicting bad actors.

    1. Tom Labus

      We may never know that that since most of the Carriers have been willingly cooperating (without us knowing about it) with the security services for a long time.

    2. Anne Libby

      I’m all for discussing and debating ideas, but I get worried when we start to impose excessive laws & processes on 99.999% of us, when they are modeled after the .001% bad actors.Yes. And of course, we see this, actually embodied, every time we travel by air in the US.

      1. William Mougayar

        Exactly.

  37. Juan Carlos

    I Would agree with you Fred. I think there is some limitation on our expected privacy and should be held within the norms we have experienced all our lives. Protections against illegal search and seizure should still be protected as they have been, and without a warrant evidence would not be admissible in a trial to protect the party.There is a never ending balance between privacy and protection and we need to be careful not to swing too far one way or another. Lest as the President surmised we may find ourselves in a much worse predicament down the road when the sentiment changes.

  38. JLM

    .Law enforcement has a legitimate right to inspect anything they can get a Judge to issue a search warrant to authorize.Search warrants require the presence of a crime, probable cause that the individual targeted somehow participated in the crime, a description of the targeted evidence, and only then does a Judge consider whether or not to issue the search warrant.This is a deliberative process with a precise decision to be made by a competent third party, the Judge.The search warrant must be presented to the suspect and in very rare instances can a surreptitious inspection be made.When a suspect does not cooperate, law enforcement can batter its way in.Stop right there — in some instances law enforcement uses outside forces to assist their entry as in the instance of certain kinds of locks to be “picked” by a specialist (safes as an example).In this instance, every base has been touched except for the fact that the “lock pick” (Apple) protests that it does not want to cooperate for its own reasons which have nothing to do with the crime itself. Apple is neither the suspect nor the owner of the information.The Judge in this case asked Apple how much it would cost clearly intending to force the gov’t to reimburse Apple.The discussion has wandered way off the reservation as it really has nothing to do with Apple’s business rights to incorporate encryption into its products. It is only about Apple’s duty to assist the FBI in the acquisition of any evidence, if any exists, in the phone of a terrorist.It is really about the right of a Judge to order cooperation with law enforcement.Know this — the phone companies and the banks and brokers and airlines have not only been cooperating with law enforcement for decades, they don’t even pretend to require a search warrant.This is a “how many angels on the head of a pin” type discussion when it is really just a very simple law enforcement matter. Courts can order people to marshal their expertise in the support of legitimate law enforcement efforts at the risk of being charged with”obstruction of justice.”I am an advocate of whatever level of security anyone wants until it rubs up against law enforcement’s legitimate rights to prosecute a crime. Then, the standards are very well litigated.JLMwww.themusingsofthebigredca…

    1. Tom Labus

      How do you feel about the claim that this is just marketing for Apple?

      1. JLM

        .Everything that Apple does, everything, is marketing. I actually suspect they’ve already done the deed and this is all disinformation.If you’re a crook, it has to be very comforting to know that the FBI can’t look at your stuff.JLMwww.themusingsofthebigredca…

    2. Mark Jones

      “Law enforcement has a legitimate right to inspect anything they can get a Judge to issue a search warrant to authorize.” Correct, but Judges, by law and treaty, can’t authorize searching diplomatic pouches; can’t force journalists to turn over documents, materials, or information about sources; can’t force physicians to turn over physician-patient records and communication considered privileged; and can’t force lawyers to turn over records and communications that have attorney-client privilege. There are already limits.We are now discussing whether those limits or standards should be expanded. Some information stored on a phone can be accessed via other warrant-searchable means – phone call records, cell location records, emails, browsing history, etc. So we are really only discussing expanding the standard to limit access to things on a phone that can’t be accessed in some other way.

    3. christopolis

      Yep,there is a system by golly. “A National Security Agency employee was able to secretly intercept the phone calls of nine foreign women for six years without ever being detected by his managers, the agency’s internal watchdog has revealed.The unauthorised abuse of the NSA’s surveillance tools only came to light after one of the women, who happened to be a US government employee, told a colleague that she suspected the man – with whom she was having a sexual relationship – was listening to her calls.”

  39. JLM

    .If one looks elsewhere for a REAL solution, one could stumble on how nuclear weapons are safeguarded.There is a daily national code controlled by the President and which must be passed down through the chain of command which each level approving it.There are two keys which must be turned simultaneously and which are so far apart that nobody can do it by themself.There is then a fail safe ignition process which contains internal provisions which if not followed correctly will “fail to start” the entire process.Apple could work this out w/ the FBI in a NY minute, if they wanted to.JLMwww.themusingsofthebigredca…

  40. chris dixon

    So do you think open source encryption like PGP should be banned? What about document signing, VPNs, SSL, cryptocurrency, etc? Should the government review every Github project to make sure the encryption it uses is acceptable? How do we keep strong encryption software out of the hands of bad guys given that it’s been widely available for decades (and is based on math that is taught worldwide)?

    1. JLM

      .Those are all strawmen. This is a simple law enforcement matter.One phone. One set of terrorists who are conveniently dead. One time. By court order.JLMwww.themusingsofthebigredca…

      1. LE

        Those are all strawmen.Exactly.Reminds me of “pot is better or no worse than alcohol” arguments so it should be allowed.Or “Locks? If they really want to break in they can”.

      2. LE

        Or even better “why does it matter if I touch a women’s breast if I can touch her arm? It’s just a part of her body..” [1][1] Why? Because by definition and tradition it’s considered wrong, that’s why…

        1. sigmaalgebra

          Naw, that’s not the reason. It’s a little close: The real story is, you touch her breast and I break your arm.

          1. LE

            You’re Italian?

          2. sigmaalgebra
          3. sigmaalgebra
          4. sigmaalgebra
          5. sigmaalgebra

            Ah, maybe you have in mindYou touch’a her chest, and I break’a you legs.That’s not me.I do like Pecorino Romano, Chianti, Barolo,Michelangelohttp://static.neatorama.com…Berninihttp://static.neatorama.com…Vivaldi, Winter and some Paganini,https://www.youtube.com/wat…Heifetz, Vitali, Chaconnehttps://www.youtube.com/wat…Milstein, Tartini, Devil’s Trillhttps://www.youtube.com/wat…Rossini, Puccini, Verdi,Pavarotti, E lucevan le stellehttps://www.youtube.com/wat…Nessun Dorma 1994https://www.youtube.com/wat…Una furtiva lacrimahttps://www.youtube.com/wat…(where I gave up on ever doing anything like that on violin)Che gelida maninahttps://www.google.com/url?…Vesti la giubbahttps://www.youtube.com/wat…te Kanawa, O mio babbino carohttps://www.youtube.com/wat…Callas, Vissi d’arte,https://www.youtube.com/wat…Scotto, Un bel di vedremohttps://www.youtube.com/wat…Ah, maybe there is at least a little Italian in most of us but along with some Bach, Mozart, Beethoven, Mendelssohn, Renoir, Bruch, Delibes, Chopin, Wagner, Sibelius, Tchaikovsky, Rachmaninoff, etc. or at least all of us are in all of them.Naw, I’m not Italian!

      3. ErikSchwartz

        The warrant gives them the right to the phone. They have the phone. Their problem is that they do not understand what they have.The warrant does not give them the right to force a 3rd party to help them understand what they have.

        1. JLM

          .Common law, however, does. When one fails to cooperate with an official investigation, that is called “obstruction of justice” and the court can hold anyone in “contempt of court” and jail them.There is a parallel with individuals being compelled to reveal witnesses and other fact based data.JLMwww.themusingsofthebigredca…

          1. ErikSchwartz

            Can the state compel a 3rd party to do work on their behalf?If Apple says to the state: “The way to unlock the phone is to enter the 4 digit code. You have 10 chances to get it right” that is providing them with the information to unlock the phone. At this point in time Apple does not know the code. They can’t be held in contempt for not providing information they do not have.The state is asking them to do work, not share existing information.

          2. JLM

            .The entire theory of legal discovery is based on the litigating parties doing work on behalf of the other party.Requests for production (documents), requests for admissions (questions), interrogatories — all require work.FOIA requests require the parties to do work.Further, a vendor or a contractor can always be compelled to do work when they are fairly compensated — at the core of this legal concept is the “taking” aspect of eminent domain wherein a gov’t may compel someone to sell a property with the right to litigate the “fair market value.”The concept of gov’t ordering compliance from reluctant citizens is at the root of the gov’t’s enforcement rights (the military draft, as an example).JLMwww.themusingsofthebigredca…

          3. ErikSchwartz

            All the cases you give the information is already extant. FOIA and discovery result in a raw data dump. Apple could send the FBI a list of numbers between 0000 and 9999 and tell them that it is one of those numbers.Of course we are (once again) just debating for the sake of debating. Both of us elsewhere in this discussion have opined that Apple has probably already acquiesced and whet we are witnessing now is theater designed to make the bad guys think their comms are secure.Sometimes you have to let the u-boat sink the cargo ship.

          4. Kris

            Being forced to do work for the government as a government contractor is vastly different than being compelled to reveal specific things.It’s against the constitution to force a company to work for you.

          5. JLM

            .The gov’t’s legitimate enforcement powers are found in such things as building codes, environmental regulations, air traffic control, zoning codes, navigation regulations.The gov’t can not only suggest you to do something, they can force you, and if you fail to comply they can do it for you and charge you for it with penalties.They can employ contractors on your behalf (forced demolition of a damaged building, as an example) and send you the bill with an appropriate markup and then enforce payment by putting a lien on your property.Fail to pay the bill and they can enforce the lien through foreclosure.The gov’t can discipline you for failing to render aid at the site of an accident as well as “obstruction of justice.” They can draft you and send you in harm’s way.The Constitution is silent on such matters. Completely.JLMwww.themusingsofthebigredca…

          6. Kris

            Building codes and standards are VASTLY different than forcing a company to become your software contractor. One is before anything is built, the other is far after the fact.It simply violates the first amendment to compel a company to work for you in such a manner. https://www.eff.org/deeplin

          7. JLM

            .Latent defect laws are based exclusively on fixing flaws and fashioning remedies after the fact, no?You build something and a court requires you to remove the danger to the public at no compensation.My comment goes to the magnitude of the power that gov’t possesses. It is huge.The article you note from EFF, an industry group with a tendency to confirm its own biases (a good thing BTW), is arguing something that is not in evidence.The FBI is not requiring Apple to write a new iOS rather they are asking them to retrieve the contents of a single phone. The FBI does no intend to own the new code nor does it ask that Apple even retain it.The FBI wants the contents as they are convinced it may enable to them to protect the American people by revealing the presence of more terrorists or enablers.Apple does not own the contents but it may be helpful in revealing them for the purposes of legitimate law enforcement and public safety.Free speech is not an absolute defense to anything. The trite example is the legal liability associated with screaming “fire” in a crowded theater.Being asked to walk the cat backwards hardly strikes me as a First Amendment issue particularly when the flaws with the brief are explored.JLMwww.themusingsofthebigredca…

          8. Kris

            I can’t tell if you’re just trolling in this thread or what.> The FBI is not requiring Apple to write a new iOSThey are asking Apple to modify the existing OS in order to be run entirely in memory and do the various things the court order requested. Go re-read the court order they explicitly mention this.> they are asking them to retrieve the contents of a single phoneAlso false; the FBI only wants the ability to brute force the passcode on the phone without it wiping its contents. They do not want Apple to get the contents AT ALL.> Free speech is not an absolute defense to anything. The trite example is the legal liability associated with screaming “fire” in a crowded theater.Agreed but the fire in a theater is completely unrelated.The next time you’re running a company and the government compels you to explicitly devote resources, resources that could be doing other things to make your company money, towards working on a project for them that you do not want to work on I think you’ll change your tune real fast. That’s a HUGE request. No company should be burdened with that.

          9. JLM

            .Distinctions with no difference.The FBI is not requiring Apple to launch a new iOS. They want the contents.Whether the acquisition of the contents is a single or double step is of questionable relevance. They want the contents.The FBI wants the contents and doesn’t really care how they get them.I used to routinely cooperate with the DEA, what became ICE, the FBI, the US Marshal’s witness protection program on matters pertaining to the renting of apartments and the location of tenants.There are hundreds of examples whereupon the gov’t asks citizens to cooperate with legitimate law enforcement initiatives. I owned thousands of apartments and I was more than glad to cooperate.Nobody ever compensated me but they certainly offered to. I was glad to help, perhaps, because I was a patriot.JLMwww.themusingsofthebigredca…

          10. Kris

            > The FBI is not requiring Apple to launch a new iOS.Alright we’re done talking. They literally ARE. It’s spelled out, very explicitly, in the court order. So have fun trolling but I’m done.

          11. rick gregory

            Yeah, sorry JLM but that’s precisely what the FBI is asking for – that Apple create a version of iOS that doesn’t have the security protections that the released versions have.

          12. Prokofy

            I am having a hard time figuring out why a request to access a routine in firmware that is proprietary but not encrypted in order to stop the fail-safe from defeating the attempt to bang at the encryption is “creating an entire new iOS.” It’s not.

          13. Kris

            Sorry but that’s fundamentally incorrect. If you had the ability to modify the operating system on an encrypted volume it would be a serious, serious, serious security flaw. The FBI would have never needed Apple or anyone else if all they had to do was modify a “routine in firmware”.When your phone is encrypted it encrypts the data and the operating system. It’s not actually possible to modify the operating system unless it is decrypted. If you read the court order the FBI, very explicitly, outlines that due to this a new but stripped version of iOS will need to be created that can be loaded directly into the ram and executed.I mean it’s in the court order…

          14. LissIsMore

            Yes! While it is true that, as a landlord, the government can compel you via a warrant to open the door to a suspect’s apartment, it is NOT true that they can compel you to build a special door for the government to enter the apartment.

          15. Prokofy

            No, it can compel you to have a key that fits a lock of your own ownership and discourage you from pretending your don’t have that key or a skeleton key by fining you thousands of dollars a day. BTW, the problem of ownership is key here, too. We don’t own our iPhones, nor does the county in San Bernardino that in fact owns the terrorist’s phone because it was his work phone. We don’t own it because we can’t control it nor can law-enforcement. It is encrypted and therefore is owned by Apple. This is what I keep warning about, the collectivization of all property by the new Bolsheviks.

          16. LissIsMore

            Interesting take, but I think you are misusing the term “ownership”. In the specific case of Apple storing my encrypted data I would argue that I am still the owner of the content, while Apple is acting more like a storage facility that I have contracted with. I have not transferred ownership rights by using their storage facility.

          17. ShanaC

            up to a point. And common law is continually developing.Eg: It is not clear to me at all that this casehttps://en.wikipedia.org/wi…(shipwreck, cannibalism because it took way too long for them to get rescued, ok)would be decided the same today at all even though doing so would be with common law precedence both in the US and in England, mostly because of this bookhttp://www.amazon.com/The-C…You can’t write The Case of the Speluncean Explorers if there wasn’t openings in common law – and social custom has changed that much in 150 years that we might actually have to rethink such a case if it came to trial.

      4. chris dixon

        “If society thinks someone is doing something wrong, and if law enforcement can get a warrant, there should be a mechanism to get access to our devices.” There is no way to enforce this without banning strong encryption.

        1. LE

          Well then maybe this is actually more important than strong encryption in the minds of some people possibly on their mobile phone. Not that I buy in that it’s not possible to have both by the way.

          1. rick gregory

            Your buy-in is irrelevant. The entire ‘golden key’ line that we can have strong encryption and backdoors betrays a fundamental misunderstanding of the issues. The whole “we can have impenetrable security that has only one small leak in the security is rather like the woman who’s only a little pregnant.And guess what – if they backdoor the iPhone any criminal worth the name will use Blackphone or other technologies that aren’t backdoor.

        2. ShanaC

          can you do risk based encryption. Or buy insurance for your encryption, or hedge the encryption.If encryption is weakened, then you should be able to hedge it…

          1. Dr Washington Y. Sanchez

            If breaking encryption leads to your arrest or death, an activated insurance policy is going to matter very little.

          2. ShanaC

            arrest with the criminal equivalent of Cravath, Swaine, and Moore paid for by my insurance premiums I’m decently ok with. I’m more likely to walk innocent and the government coming out looking bad with a legal team like that.Legal insurance is actual legal in the US. Because it is attached to the financial market, if such an insurance was created, and then hedged by insurance for insurance carriers (see:AIG) and on the open market, it might also end any suggestions of large scale weakening since most would want to bet against the government (my guess)As for death, I have a higher probability than most to die before 65, so most of those types of questions never bother me, as I am already having to confront my mortality now.

          3. sigmaalgebra

            Ah, CSM, I have a niece who got PBK, Harvard Law, and CSM. Soon she left, got an MD, and is practicing in Baltimore.

      5. rick gregory

        Wow, both extreme naivete´ (the ‘one time’ part) AND fear mongering about terror.

      6. Dr Washington Y. Sanchez

        > Those are all strawmen. This is a simple law enforcement matter.Actually it isn’t a strawman argument. The only way you can enable law enforcement to get access to the phone or *any other piece of encrypted software* is to effectively ban it (either by law, or technically by adding a secondary key that also has access as proposed by Albert Wenger).Even if the government banned or required all encrypted software to include ‘GovKey’, it will just push all strong encrypted software development underground or to jurisdictions with lower regulatory arbitrage.

    2. ZekeV

      Did you read Albert’s posts about this? He makes an interesting argument that this is about Apple’s not being allowed to force us to run only software signed by Apple. In other words, if I own a general purpose computer, I can choose to run PGP. But Apple can’t lock down the device such that only Apple-approved software runs (regardless of whether we trust their assertions as to e2e encryption, privacy, etc.). I like Albert’s ideas, but I’m afraid that actual legislation on this issue will say exactly what you’re afraid of — basically a revamp of the old crypto wars.

    3. fredwilson

      i’m not proposing banning encryption Chris.

      1. David Semeria

        Yes, but Chris is saying that’s what it amounts to — if, even with a warrant, law enforcement can’t access the data, then the warrant is basically worthless.The only people who can really say what can and can’t be broken are the NSA, but I doubt we’ll see their 2 cents here on AVC.

        1. ShanaC

          ha

        2. Twain Twain

          Here’s what the NSA said about crypto-security in Feb 2016.* https://www.technologyrevie…@cdixon:disqus — What’s considered to be strong encryption in a Quantum Computing world? Especially given this article in Bitcoin magazine:* https://bitcoinmagazine.com

          1. Dr Washington Y. Sanchez

            There are other types of strong encryption that are resistant to quantum computing. Not a problem at all.

          2. Twain Twain

            In the interests of helping us all understand encryption technologies better, is there a list you can provide for these types of strong encryption, thanks.

      2. scottythebody

        I just don’t get it, though. We would basically have to ban real encryption for the other “elegant solution” you think is possible to be effective. If everybody loses strong encryption as a retail option, then they will simply use the real encryption that already exists for free without the back door — This is especially true of the bad people, who are already using it. So in addition to putting in the back door, Apple would have to ban apps using non back-doored encryption as well. And, of course, we are only really talking about Apple because they are the only ones making mass market devices that are actually secure.There’s a German company making a product called CryptoPhone that is widely used in NATO and EU governmental agencies. It is very secure and uses non-breakable crypto. Should we ban the import of those, too?We have finally reached a time when we can make secure products that protect us and our privacy — something we have been seeking for decades. Now that we are there, the government and those who value our data as a product and a source of wealth are chickening out.

        1. sigmaalgebra

          See some of my other posts in this thread: Don’t need, really don’t want a “secure product”. To heck with what Apple does with security.As I explained, take some data you want to be secure, move it to an old computer, encrypt it, convert the output to base 64, copy that to some Apple, Android, Windows, Linux whatever device, and send it.For the de/encryption, just use some simple, open source, command line C programs on an old PC, never connected to a network and with no back doors.All Apple, Android, are being asked to do is to send some base 64 gibberish that no one can get anything from even if you give it all to them on a silver platter.

      3. Muneeb Ali

        Banning “strong encryption” means banning encryption. Sadly, there is no middle ground here.This also means banning something that is technologically possible like the Internet. It will continue to exist regardless of the current laws of society.And finally, government organizations are probably the worst choice for having access to “golden keys”. Chances of government organizations getting hacked or messing up things are much higher than tech companies getting hacked.

      4. Whichisitfred

        Fred: you not only proposed banning encryption, you labeled those who wish to use encryption “absolutists”.What’s the deal? I’ve got a few theories:1) You’ve invested in the next-gen Clipper Chip and are hoping to make a billion dollars by getting it mandated. In this version you’re either incredibly selfish (you know it’s a terrible idea, but don’t care) or you are incredibly naive (you honestly don’t understand why it’s a terrible idea.)2) You’re so stupid that you don’t understand that your argument would, in fact, ban real encryption. I have trouble believing you’re this dumb.3) You know it would ban encryption, but you’re being dishonest because you’re doing somebody a political favor.4) You know it would ban encryption, but are being dishonest for other reasons.Frankly, I think that option 1 is the most likely; that you stand to make a financial gain by screwing the rest of the world, but I’m open to other explanations for your insane, destructive, and deeply anti-american position here.

      5. Prokofy

        Yes this is the specious argument made by so many extremists. Obviously you need encryption for banking on line, for privacy in your little Yahoo account or Facebook page not to mention for corporate intellectual property and while this might shock you, for legitimate government functioning. You don’t have to have 100% invincible encryption to achieve these goals; we don’t have it now despite the Apple story. You can and should defeat terrorism and crime like drug dealing and child pornography by being able to cooperate with the government if you are a tech company with products you try to turn into black strongboxes for marketing reasons or for ideological reasons.I think this does require, however, a declaration of what code is a weapon. PGP shouldn’t have been licensed to export to the Russians (which is essentially what happened) or anybody. In fact, had you allowed the Clipper chip we wouldn’t be having this conversation. Ideological tech anarchism has prevailed on those two rounds of the crypto wars and it’s only worse now. Invincible or nearly-impenetrable code is a weapon just like a nuclear weapon capable of killing people and destroying countries. A liberal democratic government under civilian control should be the only entity that controls these weapons, not geeks even in big companies.This “falls into the wrong hands” argument is equally specious. Encryption is ALREADY in the wrong hands of TERRORISTS thanks to Snowden and Apple and Durov’s hubris (Telegram). THAT is the problem, not the putative weakening of corporate firmware and closed-source code by hackers from wherever, that might or might not succeed. Paris bombers ALREADY used Telegram and the San Bernardino killers ALREADY succeeded having encryption in their hands. THAT is where we are.

  41. ErikSchwartz

    The paranoid part of me thinks that Apple has already unlocked the phone and everything we are seeing play out now is theater to make terrorists think their comms are secure.

  42. Nick Ambrose

    As long as it works better and is less invasive than the “Key Escrow” that was almost forced on us years ago. There is six months of my life I’ll never get back again

  43. Sean Saulsbury

    But the technology exists to encrypt, and criminals can and do take advantage of that. You are only disarming law abiding citizens by taking such a stance, so what is the point of that?

  44. johnbr

    If some random person comes to your door and says they want to look at your underwear, you can say no, prove to me who you are, show me a warrant. if they continue to attempt to push their way in, that’s a felony and you have the right to shoot them and kill them. Powerful disincentive.If we put backdoors into our encryption, anyone with any one of the backdoors can look through your underwear, regardless of whether they have a warrant, regardless of legality, and you will have no way to deter them.That’s the difference, and that’s why your analogy fails.

  45. christopolis

    I completely agree. For instance these Hong Kong booksellers that were recently detained in China could have had information on their locked phones or even in the cloud that the Chinese government really need to see because…terrorism.

  46. kidmercury

    The platforms can always unlock it. Something like bitcoin which had the promise of decentralized encryption only really means that whoever had enough strength can unlock it, so it is a “might makes right” environment.Consumers have thus far expressed a preference for some governance in their platforms. The platforms should retain control over this governance. The nation state is not the natural governor here — yet another sign of how it is an increasingly obsolete arbiter of the social contract.

  47. martin joseph brej

    the president’s analogy is not appropriate–today’s smartphones have more varied and more concentrated personal information than was available to the government in any prior search for cause. it is qualitatively a very different situation than a search of your house.also, why would anyone rational trust the government to only use access to this personal information with a warrant–like in the house search analogy–we all just lived through the metadata scandal that snowden exposed. unlike the house search analogy, they did all this spying without any of us knowing it was occurring.the president’s sxsw speech made a bogus analogy and you are perpetuating it.

  48. Jack Lewis

    It’s clear you don’t understand the tech – what you’re suggesting is plainly impossible.There is no way to make a key that only works if you have a warrant. Math doesn’t care about warrants. Reality deals in absolutes.This reminds me a lot of the climate change debate, there is an unfortunate reality that all the experts agree upon, and which the uninformed deny,

    1. sigmaalgebra

      Yup,all the experts agree uponThat is, human sources of CO2 have nothing, zip, zilch, and zero, to do with climate change, global warming, or even the CO2 concentration in the atmosphere.

  49. Laura Yecies

    Yes a judge can issue a search warrant to access a specific home. The judge does not issue a master key that allows entry to all homes. As best I understand the access technically ends up being universal, beyond the scope of the specific warrant.

    1. ZekeV

      It’s tempting to compare the iThing to a home, or perhaps a safe. But the difference is that no matter how well you build a home, or a safe, it is always possible to gain keyless access. Even in Russia where most people have steel doors, law enforcement has tools for the job. (KA-BOOM!)I think you are accurate in describing the DOJ’s request in the San Bernardino case. They want a tool that would theoretically allow them easier access to any iphone of that generation. However, there’s a better approach where the device manufacturer is required to create an escrowed key that is unique for each unit that it sells. If they are careful about the techniques they use in creating and storing those keys, and also require a second sig by the manufacturer’s private key, it may be possible to grant device-specific access in response to a warrant. I am still nervous about that idea, but it is a harder case to argue against than a universal backdoor…

      1. Laura Yecies

        I’m not an encryption expert buy my understanding is that’s not possible – that would however be the ideal solution if it’s workable and secure

        1. ZekeV

          It is possible in theory — see, e.g., multi-signature bitcoin wallets. Same idea. The problem (which I suspect would be fatal in practice) is that you cannot trust companies to implement this feature in a way that is trustworthy.

  50. digler99

    ” if law enforcement can get a warrant”I don’t know if you learned anything from Snowden, but law enforcement no longer needs warrants. They use dragnet surveillance – intended for military applications – against US civilians.So, by your logic, keeping unbreakable crypto is OK, because I’m using it to protect against military-style attack, not against constitutional, warranted (literally) seizure. The only absolutism in our society is the authoritarian absolutism from the us government: warrant-less spying, “threat scores”, watch lists, legal police executions, military-style SWAT-raids, parallel construction, etc. How come that “absolutism” isn’t mentioned in your article ?

  51. Nick P

    Your post has reached Hacker News will it will get some interesting review. My background is high-assurance security: the kind that stops nation states… often enough. 😉 I’ve already worked on this problem plus reviewed INFOSEC literature on it. I wrote up legal and technical possibilities in the post below which also came to the opposite conclusion once the risks were weighed:https://news.ycombinator.co

  52. Throwaway Forobviousreasons

    Fred: I respect your right to call me names, to label me an extremist, and to pretend that it is my position (not yours) that is extreme.However, if you want me to think you’re something other than a joke: make an actual proposal. Don’t just say “somebody should invent methods of storage and communication that lets good guys snoop for good reasons; but is resilient to attack and abuse”, go out and do it. Think through the problem, talk to experts, work on it, and do it.Or, alternately, work on it in a meaningful way, realize that your position isn’t actually possible, and realize that it was wrong of you to engage in name-calling simply because you haven’t thought through the problem space; and you don’t understand the constraints.I hope that this post of yours will be followed, soon, with a retraction that indicates that your position was borne of ignorance, that you are the one taking the extremist position of attempting to make all private information instantly and easily accessible to the government, that you were naive and foolish for doing so, and that you were wrong to call us names.In the meantime, your opinion has been duly noted and has been given far more attention than it deserves. Please shut up unless you have a real proposal. Or, at minimum, please stop disparaging us simply because you’re an ignoramus.I’m using a throwaway because I work at a company you invested in, and I don’t feel like either rewriting my position to be limp and tepid; nor do I feel like risking professional retribution if you’re bothered that somebody (correctly) pointed out that you have taken an insanely extreme position and are dishonestly pretending otherwise.

    1. LE

      and I don’t feel like either rewriting my position to be limp and tepidWhy? Do you feel that Fred will get you fired for what you say? [1] Or do you feel you that your career will not advance?By the way several of us here have dealings with Fred in one way or another and it’s never stopped us from telling him we don’t agree with him.However, if you want me to think you’re something other than a jokePerhaps you could explain why it should matter to Fred if you think he is a joke? What is the end result of that exactly? He is off having fun skiing on the west coast (and working as well for several months) . Do you think he should live shackled in some way by what people working for companies that he invested in think about something like this? What kind of freedom is that, ironically?By the way good time to note that Fred was listed by CB Insights as the #2 VC the other day:http://www.nytimes.com/inte…[1] As likely as Fred voting for Trump….

      1. Throwaway Forobviousreasons

        I know Fred won’t be bothered. He’s rich as hell, and he doesn’t give a fuck.Frankly, he’s a good enough marketer that he might’ve written this specifically because he knew it would create “engagement”… or perhaps he wrote it because he’s investing in the next-gen Clipper Chip and is trying to lay the groundwork for them.But there’s some tiny, TINY chance that he wrote this because he wanted to hear other voices and learn… and I responded on the off-chance that he is not as closed-minded, ignorant and foolish as he seems.As for your entire post: what’s YOUR game? Why does Fred need you to kiss his ass so hard? Do you think that if you just play yes-man to him and you link to his accolades that he will help your career?Oh right. Yes, Yes you do. So yes, you totally understand why I wouldn’t take a strongly opposing view (and one which clearly states that Fred is ignorant and reacting without logic or reason) while using my name. You’re being a hypocrite to pretend that I’m silly for being private; when you are going to great lengths to kiss his ass to help your own future.The man is not some great and perfect man. He’s just a man. And I know that he’s having fun and probably doesn’t give a shit that some peon thinks he’s dumb… but I’m hoping, HOPING that there’s some TINY chance that he cares about being sensible and right, and that he’ll realize that the voices of dissent are reasonable; and that the accolades are coming from ass-kissing yes-men like yourself, and that you are the ones to ignore.

        1. LE

          Oh right. Yes, Yes you do. So yes, you totally understand why I wouldn’t take a strongly opposing view (and one which clearly states that Fred is ignorant and reacting without logic or reason) while using my name. You’re being a hypocrite to pretend that I’m silly for being private; when you are going to great lengths to kiss his ass to help your own future.That’s actually pretty funny I am guessing you don’t read many of my comments here.The man is not some great and perfect man. He’s just a man.Not true! He is uber perfect and rarely makes mistakes! (One of them was airbnb but in true kiss ass fashion I have said that I would have not invested in that as well to make him feel better about that “mistake”).And I know that he’s having fun and probably doesn’t give a shit that some peon thinks he’s dumb…Unlike me, Fred is not judgemental. So you are wrong there. [1][1] Ooops there I go kissing his ass again.

        2. Fernando Gutierrez

          I don’t want to feed the tin foil hat beast, but those comments leave an IP address somewhere and Fred has also invested in Disqus :DI would not worry too much to dissent with him, he does not seem like a vindicative guy. However, I can understand the will to remain anonymous. Sometimes standing for your ideas can have nasty consequences and everyone has the right to try to avoid those.

    2. inklenotrump

      this is great. I bet he never reads it. It’s amazing to think that this argument is actually being taken up by these types of people after Snowden. I mean you want to talk about extremes. Look at the stance the government has taken. They can’t have it both ways and they know it. Using left leaning successful people as a mouthpiece like this is a great tactic politically but you’re exactly right. He either doesn’t know or he’s acting like he does to attempt to frame the narrative. transparent as fuq and really should cause lots of people to rethink the respect given here.. I know it did for me.

      1. ShanaC

        they get read, I promise.

  53. Kirsten Lambertsen

    I’ll be looking a lot to Albert on this issue because I know he comes to his positions after great thought, study and research – not from an ideology.Reading the through the comments here hasn’t been, honestly, terribly helpful. Feels like a cafeteria food fight.

    1. Richard

      Ambert, no ideology?

      1. Kirsten Lambertsen

        I am much harder pressed to identify, from his writing, Albert’s ideology, if any, than I am many of the regular commenters here, myself probably included.

    2. Anne Libby

      This was in my email this morning, exhaustive, via Bruce Schneier’s email newsletter: https://www.schneier.com/cr

      1. Kirsten Lambertsen

        Thanks!

  54. sigmaalgebra

    ObamaAs a US citizen, say, patriotic, by a very wide margin Obama is one of the last persons in all of history on this planet I want to hear from on this crucial issue of the US Constitution. I’d rather drink sewage than consider anything he said.Good NewsI don’t know everything said in the “tech industry” about encryption, but with Rivest-Shamir-Adleman (RSA), etc., we now have some capabilities not known to Thomas Jefferson. My view is that this fact is a big step up for our country, some really good news, not a danger to be overcome.Although I have not yet done so, I do have the main book from Schneier with its CD or whatever of C code for RSA and the source code for Zimmerman’s similar Pretty Good Privacy (PGP). And, I understand Fermat’s little theorem just fine, thank you. So, in a few afternoons, I could have all nicely cleaned up some simple command line programs in C that will take in data, encrypt it, and write out base 64 code as in the Internet Engineering Task Force (IETF) request for comments (RFC) standards on multipurpose Internet mail extensions (MIME). And also some corresponding code for decoding. And I could publish a public key. I haven’t done those things and so far have no great reason to do so, but I could. And not far away I have an old PC/XT I have neglected to discard that finally I see I could use for such de/encryption without fear of any backdoor features in the hardware or any compromise from any network connections. So, I can have what from nearly all evidence is just rock solid encryption.Results(1) No one can stop me or anyone with even just beginner programming skills from having such de/encryption. No one can do anymore about that fact than they can about sun spots. Instead, that de/encryption possibility is just a fact of life. Maybe some people don’t like some of what can be done with prime numbers or with the speed of light speed limit — tough, get used to it.(2) Citizens of the world now have an additional barrier to entry against tyranny, and I like that.For Obama, I’m really, really glad the days of his quasi-noble experiment will be over in less than a year. And there is for him and all of us some really good news: He gets to spend all his time working on his golf game and jump shot and need not worry himself about any of the usual issues of POTUS. Then for about another year, we can all continue to pretend in the outrageous fantasy world that his case of the quasi-noble experiment was a success and appreciate that, IMHO due to some unsung US patriots, the US has dodged a bullet and avoided a huge disaster.I thank the unsung US patriots and the US founding fathers. And, now, hopefully for at least 1000 years, the rest of us will have had, from whatever transgressions, our retribution and redemption. We will close the book and all its chapters on that sorry history.And, at least until there is some improbable, astounding progress in number theory or, say, quantum computing, we will have an easy but strong barrier to tyranny.

  55. jason wright

    in this age of mass meta surveillance your professional ‘terrorist’ (a label) has long since gone analogue. i demand my privacy.the reality according to Snowden is that the US government can already hack any and all information on an iphone.

  56. Zigurd Mednieks

    There is an easy way to tell one side of this debate from the other:One side can point to numerous proven secure implementations and a consensus of experts that have evaluated those implementations.The other side is begging, threatening, and otherwise haranguing these same experts to implement their wishful thinking. They have exhumed the rightly dead Clipper Chip and are flogging that dead horse as hard as they can.

  57. coranthur

    End-to-end strong encryption is the only way in which our digital communications infrastructure continues to function, at all, in the long term.Without encryption, technologies exist which can modify the title of your post, the content and positions of your post, and the comments of all of your readers on fly, to say something completely different than what was intended, without either yourself or your readers actually knowing.What I described above was largely impossible in the age of newspaper and hand written letters. When information was written to a page, or a letter was sent, we formerly had a large degree of certainty that content and sentiment would be faithfully stored and transmitted.This brings me to the major flaw in your position:> *…just abandon the framework that has worked in our society for hundreds of years*End-to-end strong encryption is NOT an abandonment of the framework which has held society together for hundreds of years. Rather, as more and more people switch to consuming and sending information electronically, it will be the only way for us to preserve the framework and guarantee that it will continue to exist.The US should currently be pouring money into DARPA right now to develop more secure alternatives to the original ARPANET protocols such as TCP so that as much encryption and security is handled in the protocol layer as possible.If the US does not upgrade it’s digital infrastructure to pursue strong end-to-end encryption for all civilians, our economy, markets, and executive departments will become much more fragile and subject to increasing attacks and disruptions from state actors such as China.

  58. coranthur

    End-to-end strong encryption is the only way in which our digital communications infrastructure continues to function, at all, in the long term.Without encryption, technologies exist which can modify the title of your post, the content and positions of your post, and the comments of all of your readers on fly, to say something completely different than what was intended, without either yourself or your readers actually knowing.What I described above was largely impossible in the age of newspaper and hand written letters. When information was written to a page, or a letter was sent, we formerly had a large degree of certainty that content and sentiment would be faithfully stored and transmitted.This brings me to the major flaw in your position:> …just abandon the framework that has worked in our society for hundreds of yearsEnd-to-end strong encryption is NOT an abandonment of the framework which has held society together for hundreds of years. Rather, as more and more people switch to consuming and sending information electronically, it will be the only way for us to preserve the framework and guarantee that it will continue to exist.The US should currently be pouring money into DARPA to develop more secure alternatives to the original ARPANET protocols (ex TCP) so that as much encryption and security is handled in the protocol layer as possible.If the US does not upgrade its digital infrastructure to pursue strong end-to-end encryption for all civilians, our markets and executive departments will become much more fragile and subject to increasing attacks and disruptions from state actors such as China.

  59. jason wright

    the greatest terrorist organisation in the US is the NRA. it’s policy leads to weekly d.i.y. acts of terror. opening up iphones to inspection will not stop this.

    1. JLM

      .I am overwhelmed by the simple, clean logic of your utterance.JLMwww.themusingsofthebigredca…

  60. MacLane Wilkison

    Backdoored or weakened encryption isn’t just a question of security vs. privacy. The Internet fundamentally will not work without strong encryption. For example, how do we process payments without strong encryption?The approach we’ve taken at ZeroDB is to use strong encryption but with built-in sharing functionality via proxy re-encryption. So, if a financial institution is using ZeroDB to store encrypted data in the cloud, they can provide the relevant regulators a special re-encryption key that allows them to read the encrypted data. To us, this seems to be a more reasonable approach than purposefully breaking encryption.

  61. jeromearmstrong

    This is the thing. The Congress will not decide this issue because they have do not have absolute jurisdiction. Because a law that outlaws absolute encryption in the US production will just mean that it gets produced elsewhere, under laws of liberty. Code is the new law & meet your new leader’s method: Freedom and the Right to Absolute Privacy.

    1. JLM

      .The Constitution agrees with you as it relates to “unreasonable” searches and seizures.The second criminal behavior is involved, the game and the players change.JLMwww.themusingsofthebigredca…

  62. Matt Zagaja

    As Larry Lessig reminds us, we live in a world where Code is Law. There may be lots of interesting thought experiments around this idea but so far I have seen nothing close to a secure way of doing what is proposed. Lots of policy people are attempting to will into existence something that does not. This is not to say it is impossible, we do not know what we will discover tomorrow, the Higgs boson, nuclear fusion, a cure for cancer. The key issue (pun intended) is that to allow access there does need to be a backdoor, and the more people that have access to that backdoor the more likely it is to be compromised. Once the backdoor is compromised, the game is over, much in the way it ended for all the TSA “secure locks” that we can now 3D print keys for, or the famous DeCSS code that enables Linux users to watch DVDs.Regardless of what debate we have encryption without a backdoor does exist and will continue to exist legal or not. Eventually the NSA and others will develop super computers that can crack this, though we do not know if in months, years, decades, or longer.Technically the next logical iteration of this will be a system that a user can only update if they provide their own key/password.[1] If they fail to do so then the phone is bricked.[2] Apple and others I think have erred on not doing this because of ease of use issues on the user end plus potential angry customers. Apple wants to be the trusted custodian of the one key here and their argument is simple: their interests are in alignment with their customers because they need to keep the trust of their customers to keep making money. Apple also has a vested interest in making iOS software updates as easy as possible and getting as many people as possible to update to the latest version so developers take advantage of the latest APIs and users are protected from the latest security vulnerabilities and have the latest bug fixes.Another interesting issue in the case is the balance between compelling work versus compelling disclosure. Apple does not like the idea that a court could force them to do specific work, including this specific work, and being a third party to the suit at hand I think that position is reasonable. However the government notes that they could try to compel Apple to give them their key for loading the OS along with a copy of the iOS source code and let the FBI/Justice Department do the work. I think both of these results are the ones that make the civil libertarians particularly uncomfortable. Since Apple is not the subject of the lawsuit (and presumably not a person) they cannot invoke the fifth amendment to decline to disclose the key the way an individual can. Given that there is not evidence that I am aware of imminent danger I too am skeptical of allowing such a result for a fishing expedition. The standard for compelling this work or disclosing this information should be similar to the standard attorneys are held to in regards to privileged information.[1] The Apple issue is really over a feature that wipes the phone after 10 failed attempts rendering guessing programs useless. This system is a failsafe for the NSA creating super computer problem in security. Even if the FBI wins there is no guarantee they will get into the phone, it just gives them a chance to try their super computer. Also there is no guarantee that this feature was enabled, it is possible that unlimited attempts are allowed as the phone is set, but the only way to find that out would be for the FBI to try it.[2] Backblaze does this with their cloud backup where users can generate a private key that Backblaze does not have. Apple does the same thing with FileVault encryption on Mac OS X.

  63. Gregg Freishtat

    Good post and conversation but think its missing the most interesting aspect of the actual case. No one can reasonably object to a properly obtained and served subpoena. Our system has checks and balances and privacy gives way to laws to protect society and catch and punish criminals. As Fred said — with a proper warrant police can enter my house and search my underwear drawer. However, this case is about asking me to put my underwear on and dance. Or for Apple to actual create new software that does not exist. Can we (persons or legal entities) be compelled to “do things”? This is the legal question at hand. If Apple has the code requested, it should be turned over. If they do not, I have a hard time agreeing that they can be compelling build something. Slippery slope that is not currently contemplated by our legal system. Of course, they could voluntarily do whatever they want to catch bad guys or prevent terrorist attacks.

    1. Andy Orr

      Or allowing the government to plug into my brain to extract a password known only to me…well, I guess some do think waterboarding is ok too.

  64. Andy Orr

    Can’t disagree more vehemently on this. Math is absolute. Sort of no way around this. Read Steven Levy’s piece on Backchannel (https://backchannel.com/why…. This really is a no-brainer.

  65. Kris

    This is just wrong. It’s not possible to have a non-absolutism view on this policy. You either weaken our security or you do not. There is, mathematically, zero middle ground here. I wrote a little about this already https://www.krissiegel.com/

  66. DisentAgain

    Law enforcement is supposed to be a difficult job. The fact that it was relatively physically easy to tap phones or open door locks does not imply that all things should be easy for all time. It’s not complicated. Law enforcement and the removal of citizens rights should be difficult.

    1. JLM

      .Why is the job of protecting citizens supposed to be difficult?Odd thought.JLMwww.themusingsofthebigredca…

      1. DisentAgain

        Because by definition it involves suspending the rights of innocents. That should always be a hard job.

        1. JLM

          .I think we have identified the problem.The job of law enforcement is to SERVE and PROTECT the innocent citizenry.The Miranda Warning provides the bad guys, the suspected bad guys, with an admonition to seek legal counsel with the knowledge that anything said or done will be used against a bad guy.A bad guy can get a court appointed lawyer when they cannot afford one. Pretty damn fair system.But it is NOT the job of the police to protect the bad guys. That is the job of their counsel.It is usually quite easy to sort out the good guys from the bad guys and when there is any confusion, the police are there to investigate and let a grand jury decide.JLMwww.themusingsofthebigredca…

          1. DisentAgain

            There are no “bad guys” until they are found guilty. All citizens are innocent until otherwise proven. By definition, you are suspending the rights of the innocent in order to investigate them. This is permissible, and necessary – with reasonable due process. Add to that the basic reality that many people investigated will *not* be found guilty and you have the ethical problem with your approach.Asking for shortcuts here is the same as asking to make it easier to investigate the innocent and suspend their rights. That should always be as hard as reasonably possible.More – there is no such thing as a half-measure in encryption. By definition, any breach is potentially universal, rendering it useless.

          2. JLM

            .Nonsense.Bad guys do not require the verdict of a court to characterize their actions.In the case in point, the San Bernandino terrorists will never be found guilty. They are DEAD.The World Trade Tower terrorists will never be judged by a court. They are DEAD.KSM, Khalid Sheikh Mohammed, the mastermind of 9-11 has not been judged by a court and it’s pretty safe to say he’s a bad guy.People who are charged with a crime can be refused bail and incarcerated pending trial. Happens all the time.When a person is anointed as a suspect or receives a target letter, they attain a status that is wholly different than being “innocent.”There are tons of people who admit their guilt long before their pending trial.JLMwww.themusingsofthebigredca…

          3. DisentAgain

            In the case of the deceased, if they are not accused in court, generally, guilt can never be found. The investigation must still proceed with presumption of innocence.”People who are charged with a crime can be refused bail and incarcerated pending trial. Happens all the time.” Yes. This is – as I explicitly said – necessary and required. It takes due process of law to do so, and nothing about it under normal circumstances can be described as “easy to do”.”When a person is anointed as a suspect or receives a target letter, they attain a status that is wholly different than being “innocent.” – Wrong. Presumption of innocence is the cornerstone of our legal system. Any suspension of rights while investigation is pending is reliant on complex due process and subject to strong oversight. It’s not easy, and it should not be – precisely because of that presumption of innocence.”There are tons of people who admit their guilt long before their pending trial.” Yes. This has nothing to do with the argument at hand.More, and worse – you keep ignoring the basic reality of encryption. Breaking a method of encryption for one single “bad guy” breaks it for all innocent users too. It’s is not a subject where compromise is possible. Any compromise of general security renders encryption useless for *all* users – regardless of involvement with any crimes.

          4. JLM

            .A person who is incarcerated must request bail. The gov’t is not involved in the process. It is a motion made by a defendant. The gov’t (the people) may support, oppose, or say nothing in reply to the motion.A person who is anointed as a suspect or who receives a target letter is entitled to see the evidence against them. That is a huge difference.There are tons of examples of “one time pad” type encryption in which the solution is usable only once. There are tons of examples of random number generation based encryption. This concept can be built into any solution.JLMwww.themusingsofthebigredca…

          5. DisentAgain

            “The gov’t is not involved in the process.” Wrong. They must provide due process for the arrest in the first place. That is part of the process. The burden of proof is still 100% on the government. The government *must* respond to bail requests with reasonable evidence of risk supported by due process, or they can’t keep the innocent person incarcerated. All suspect citizens are presumed innocent until proven otherwise. All of them.As for your naive solution to the encryption problem – just no. Leave that to those who know better. Every one of them will tell you, either it’s secure for everyone, or it’s secure for no one. You can’t selectively protect data for “good guys” only.

          6. JLM

            .I think, perhaps, you missed my point. I was referring to the notion of requesting bail only.The gov’t is not involved in the defendant’s process of a motion to grant bail. That is exclusively the role of the defendant and his counsel. They file the motion with the court’s clerk and copy the prosecution.The people do not have to respond to a request for bail and many times do not. A motion to grant bail must be in writing and must allow the people (prosecution) ample time to respond.Many seasoned prosecutors will reserve their response for the court appearance preferring not to reveal their arguments or to alert the defendant’s counsel as to their strategy.The prosecution does not have to provide any document to oppose a bail hearing that is in the public domain, as an example, a criminal history.It is generally presumed that a defendant can be granted bail except for situations wherein the defendant constitutes a danger to the public, himself, or a flight risk. A flight risk may be mitigated by taking a defendant’s passport or sticking a bracelet on him.When these issues are not present, the argument is simply one of the amount of the bail and how it may be posted.As to encryption, Apple can absolutely develop a methodology of obtaining the contents of the phone in question. As to the broader issues, Apple has to bake that into their solution. We did not get to the current level of encryption over night, so one has to know that there is continuing development.The triggering of nuclear weapons wherein a Presidential code makes two keys (further apart than a single man can reach) work which must still follow a triggering protocol and a firing failsafe — each part coming from a different place — is a perfect example of the thought process at work.JLMwww.themusingsofthebigredca…

          7. DisentAgain

            You are literally outlining the complex due process that makes my point. You can’t separate the bail request from the rest of the process, and even that bail request requires work on the part of the *prosecution*, not the defendant (beyond simply asking for bail or release). The job of the prosecution is made *deliberately difficult*. This is by design.”Apple can absolutely develop a methodology of obtaining the contents of the phone in question. ” But they do not wish to. Thus the problem. It’s a violation of free speech for the government to compel them to write code they don’t want to write (yes, code is speech).” Apple has to bake that into their solution.” Which renders the solution useless. That’s how encryption works – there are no half measures. It’s a request to invalidate the encryption for everyone. Launch codes are a perfect example. We don’t write back doors for launch codes because they would be rendered useless. The two-man-rule doesn’t make broken encryption methods less broken.The people are the government here. And as such, they have no rights to break encryption for all just because it would be convenient to break it sometimes. It’s (currently) legal to write encryption any way you choose. Requiring a two-man-rule a) would not necessarily work – and render encryption *less* safe by providing a method for two parties to crack it, and b) is unnecessary when perfectly serviceable encryption already exists.You are over-thinking this. The answer is simple. Strong encryption is more of a benefit than a threat, and the problem is invented. The government can’t read minds either – that does not mean we need to force a company to make a way to do it.

          8. LE

            A bad guy can get a court appointed lawyer when they cannot afford one. Pretty damn fair system.Police are allowed to lie in the interrogation room. That’s not exactly fair, although for obvious reasons it is necessary [1]My guess is that you wouldn’t hire a court appointed lawyer. You’d get Dick DeGuerin. eh?Bottom line is this. Life is not fair to poor and/or stupid people.[1] To have otherwise would open a door to to many technicalities is my guess as to why scotus ruled that way.

  67. andrewparker

    Albert’s recommendation in his post is super interesting, but it requires no technology investigation/R&D. Albert’s proposing a policy decision for the tech industry to agree upon: the policy being that no device should ship with single key encryption; it should all be multi-key by default (where any one key can unlock) with a legal framework for manufacturer key retention policy. We have the technology to do this today; the tech side is trivial. I’m not surprised the tech industry has decided not to launch devices with this approach to date. When one manufacturer can market their phone is inherently more secure than another phone; it’s asking a hell of a lot of the end-consumer to willingly purchase the less secure phone instead for the sake of national security, especially if the less secure technology is an opt-in choice (a choice no bad actor would ever opt-in to).You could go one step further and assume that all commercial manufacturers worldwide agrees to a new form of multi-key encryption. Perhaps all world countries mandate multi-key-only encryption via laws. Or perhaps the entire tech industry self-regulates the way the movie industry and video industry did with their respective rating systems. Either way, this still doesn’t solve the core problem, which is the bad actor will still have easy and readily available access to single sig encryption. Open source software can’t be sued or censored out of existence. We can’t un-write it just as we can’t un-invent encryption. I can always add another layer of abstraction to the data storage on my device that encrypts my sensitive data with my own single sig encryption wrapper on top (or underneath) my OS-level multi-sig encryption.So, while I like the thread Albert’s pulling on as a thought experiment, I’m bearish when I play out the game theory in my mind.

  68. Anne Libby

    (Ah, old school AVC.)

    1. ShanaC

      *sigh*

  69. hypermark

    I think the two most scary things about the notion of absolutism being a bad thing are:1) The ability for mobile carriers and internet service providers to autonomously track users a priori over time, and then at ANY time in the future, mine their past history. The fact that the AT&T’s of the world are happy to provide this service to the government only amplifies this fear. In this realm, the entire lives of future generations literally become a series of bread crumbs that can be re-traced, connected and amplified. It’s not simply about going forward surveillance as is the case with wire taps, nor is it manual, analog and defined by scarcity.2) History shows just how easy these backdoors become extended to a number off actors, be they insurance companies, corporate interests, tax collecting entities, political foes, hackers and terrorists. Illustrative of this is the simple example this weekend about how in NYC there are master keys for every elevator in the city, major construction sites, subways and skyscrapers are being freely sold online, despite a city law that makes it illegal for unauthorized persons to possess them. Image that as access to your “file.”

  70. Pete Griffiths

    I am unclear how any such solution would evade the risk that the necessary weakness could be exploited by ‘bad guys’

  71. Andy K.

    We live in a country where you are presumed innocent, until you are found guilty. I believe that the ability for law enforcement to get a search warrant is consistent with the presumption of innocence. If we are thinking about living in a land where law enforcement cannot gather evidence unless the accused provides it, perhaps it suggests a shift to a presumption of guilt, unless the accused can prove their innocence.

    1. JLM

      .The presumption of innocence is a standard that applies in the judging of facts by a jury or a judge (triers of fact). When the people are unable to provide compelling evidence as to guilt, then the jury may simply make a finding of “not guilty” based solely on the prosecution’s inability to convince them of the guilt of the defendant.They do not ever make a finding of “innocent.”The FBI is looking for evidence and the search for evidence results in facts which are presented to the “trier of fact” which are colored by quantum (amount), quality, and type of evidence. A trier of fact can give whatever weight they want to the evidence.Evidence may be testimony, documentary, physical, digital, demonstrative with different burdens of proof placed on the people (prosecutor).The trier of fact — and common law — lays out the burden of proof, the materiality, the “best evidence”, and allows the defendant to object to evidence based on its quality, exculpatory nature, privilege, the character of the witnesses, the chain of custody, the conflict between evidence.In some instances, evidence is precluded or given very little weight — hearsay, excited utterance, dying declaration, ancient document, and it gets very technical thereafter.Guilty people have to be proven guilty to a standard which is different for criminal and civil cases.Perhaps a better way of thinking about it is to use the actual legal standard, nobody is ever guilty until a trier of fact pronounces him guilty.Until then, he is “not guilty” but he is never really innocent.JLMwww.themusingsofthebigredca…

    1. Lawrence Brass

      This guy makes me laugh.+ the ending fake Apple ad is awesome.

  72. Lawrence Brass

    There is a pending discussion since Snowden blew the whistle and every relevant actor has eluded it because it is hard, uncomfortable and unpopular. It is about how much privacy we want and allow ourselves to have.There is a trend, most people has accepted or have been tricked to accept the fact that their personal data is handled by third parties: sieved, processed, tracked, reduced, mapped and everything necessary to extract the most value out from it, for almost nothing more in exchange than “better ads for you”. Unbelievably, at least for me, just everyone seems very happy with that. After all, that is where most of the wealth in tech comes from, it would be stupid to kill the goose that lay the golden eggs.This is why the NSA targeted Google for their bulk data collection, why bother to collect it if they already have done all the tracking and recollection. Want to track someone? Go after their analytics cookie crumbs or emails.So after Snowden, everyone began to work hard on security and now, after a few years it seems that Apple has done it right to the point that the authorities lost their ability to do forensics on their devices. So, at least Apple did they homework, but what happened with the *pending discussion about policy* during these years? Nothing.How much privacy we want and allow ourselves to have? If not much, as almost everyone seems to agree when confronted to terror, whom will be the trustees of our ‘lost’ privacy?This is the second time Fred posts a topic about security this year, both have got top comments count. People is interested.I would love to know what Larry Lessig thinks about this.

  73. Zigurd Mednieks

    Now we have one or two VCs echoing Obama and Comey. What does this mean? On the surface, there is no new information. It’s the same message: “I don’t have a solution, but you security experts should be working on one.” Why carry that water?Why do smart, highly educated people echo a message that’s widely discredited for being wishful thinking? Because they smell an opportunity. Government venture money will flow into ventures created for the purpose of implementing this wishful thinking. It may be a boondoggle, but as long as the private money gets the right preferences, it’s a no-lose proposition. As long as any useful technology gets created, it’s a pivot away from making money.The problem is this approach will also create gobs of toxic sludge in the form of legislative mandates to use key escrow products, bad security, and organizations that can’t attract good talent because they are seen as quislings.

  74. Michael Hart

    I find it odd that as someone who invests in technology, this would be so hard to fathom.In any case, Richard Clarke in my opinion made a good case that Apple has legal standing and is in the right.In case you don’t know who he is, he was the senior counterterrorism official for both Clinton and Bush.Here is the key exchange he had in an interview I believe says it all:”GREENE: So if you were still inside the government right now as a counterterrorism official, could you have seen yourself being more sympathetic with the FBI in doing everything for you that it can to crack this case?CLARKE: No, David. If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They’re not as interested in solving the problem as they are in getting a legal precedent.GREENE: Wow, that sounds like quite a charge. You’re suggesting they could have just gone to the NSA to crack this iPhone but they’re presenting this case because they want to set a precedent to be able to do it in the future?CLARKE: Every expert I know believes that NSA could crack this phone. They want the precedent that the government can compel a computer device manufacturer to allow the government in.”Here is the complete transcript of the interview: http://www.npr.org/2016/03/

    1. ShanaC

      Personal Bet with myselfNSA could not crack the phone, and even if they did, they couldn’t use it in evidence because of how trial rules work here

  75. ShanaC

    Undiscussed secondary problemObama et al can’t have it all ways You can’t have a back door and have a device work for anything that could touch HIPAA information, or financial information, without the government having issues of its own, or being willing to take on that financial risk/burden when some record breaks. Basically this kills a lot of technology in the US (to be)And I don’t think the government wants that either

  76. rick gregory

    IF the FBI wants the information it seems they can get at it without Apple’s help at all: https://www.aclu.org/blog/f…This case isn’t about that phone which almost certainly has nothing of value on it (they have backups until 6 weeks before the attacks and the terrorists destroyed their personal phones… do you think they’d do that but not destroy this phone if it had anything worthwhile on it?).This case is about the FBI trying to set a precedent for what the government can compel private companies to do on its behalf and to weaken our security. Fred’s wrong this time. This is a time to take a firm stance on one side.

  77. Robert Labarre

    I think the mathematics and computer science behind encryption is extraordinary. People should peruse the Prime Number Theory Lectures from Terence Tao, the math genius at UCLA. It seems that the Technology race to encryption versus code breaking might come down to futuristic computer speeds/quantum computing to break down ‘locks’ of factored prime numbers that may be tens of millions of digits in length– and then the subsequent discovery of even higher level prime numbers that seem ‘un-factorable’. It is possible that nothing we say or feel about ethics might be able to interfere with the competition to be able to factor unfathomably larger and larger prime numbers (?)

  78. HisDivineOrder

    The problem is the government overreaches all the time with technology. Now they want to control this, too.Look up Stingrays. Look up PRISM.Tell me that government is the government you trust to only use a tool that unlocks any phone anywhere responsibly.I don’t believe that. They’ll use it for anything and everything.Snowden proved it. If the government had operated reasonably and within legal boundaries, I’d say that we should trust them to do what you suggest. Unfortunately, they’ve done everything in their power–including drop cases that might expose the existence/operation of Stingray devices, that is let criminals go rather than admit to doing something they know is illegal–to avoid doing things legally.That’s to say nothing of FISA courts. Secret courts where no one represents the other side where the government gets to constantly return to keep attempting to get what they want until they’re finally given it?Is this the legal framework you speak of? The one the government flaunts and ignores on a regular basis? Haha, no.I’m sorry. They can’t say, “We have to do what’s legal” on one hand while ignoring it on the other whenever it suits them. Get back to me when our government has abolished FISA courts, stopped using Stingrays for whatever without real warrants issued for their explicit use, and when PRISM is shut down.

  79. Andrew Graziani

    I’m late to this conversation, but one of my concerns with the absolutist approach some companies take to government surveillance is that it runs counter to how they think about privacy and user data in the private context. Most US-based technology companies would be very comfortable with the implicit trade their customers make when it comes to privacy and service/benefits. But these same companies insist on a black and white approach to law enforcement.Clearly there is a huge difference between the risks and constitutional implications of government snooping as opposed to the private “monetization” of data, but it would be nice to see some recognition that both use cases are awash in gray.

  80. Akshay Kumar

    Remember Clipper and Key Escrow? This does nothing to prevent the bad guys from using good crypto it just weakens security for the good guys. The house analogy is also just absolutely flawed. If your house were as portable as your phone you’d want the best protection for it. Then there is the case of other governments requesting the same backdoors. Sorry but this is just a seriously misguided thing to do.

  81. george

    There’s more at stake than just helping agencies catch a few bad apples. Defending personal freedom, the right to privacy and the rule of constitutional law rank high on my list of noble pursuits. The tech industry is doing exactly what the President is proposing, taking the time to create thoughtful, widespread debate, and protecting our civil liberties until due process is complete.

  82. etudor66

    You’re wrong on this, and so is the President. He has a good political reasons to come down on the side of the DOJ. You do not. You should think through this more. Please talk with more folks about this and consider revising your stance.

  83. Kevin

    As a user, I would prefer that companies encrypt my data as well as they can, and I will keep preferring products that do so. I hope the tech companies and software developers fight to the end because I would prefer a product that keeps my data safe! I don’t think the total sum of all crimes this could stop is large enough to weaken everyone’s privacy.

  84. Mark Essel

    Good post chief, glad GG asked you to write your thoughts. I like bad guys getting stopped, and I also like my privacy. Hope we can figure something out that fills both needs.

  85. DD

    This is the most reasonable approach to this troubling question I have seen, thinking outside the box of groupthink that the government always has bad intentions. We DO want to be vigilant about our civil liberties, but there ARE terrorists out there, and they ARE plotting in ways that now are undiscoverable by those who are charged with our safety. After the next attack, will we see all fingers pointing at the government for failing to prevent it? Let’s stop cursing the darkness. DD

  86. haliphax

    Does anyone honestly believe that, if a backdoor is provided to anyone – whether that be Apple or the government – that the somebody they *didn’t* intend to will figure it out and take advantage of it? This is almost the exact situation we’re dealing with now due to “export-grade” encryption from the 90’s being the root cause of so many of the security vulnerabilities discovered as of late. Intentionally weak crypto is just that – weak.

  87. Steven Kane

    Amen. And thank you brother.

  88. Brian Crain

    The problem here is that US law enforcement and government agencies don’t seem to care very much about trivialities such as warrants, court orders or the constitution. So the only way to retain a modicum of privacy is through end-to-end encryption.

  89. Geoff Smith

    Well speaking as a non-US person, I think there are two parties potentially interested in my data:- Governments (mine, USA, Russia, China….)- Criminals – interested in my bank account details, identity details etcYou may or may not trust your own Government, but I am pretty sure you don’t trust other Governments and I’m certain you don’t want criminals getting access to your personal information.The problem is a back-door is a weakness and is not just accessible to say the FBI with a warrant but is now accessible to any of the above. I’m not keen to see back-doors created because it exposes millions of innocent people to criminal behaviour and dubious governments.

  90. Julien

    The “home” comparison is only one way of seeing things. More and more, yet, our devices can be considered as direct extensions of your body (emotionnally or even physically sometimes…) If we consider them as new limbs; then, no, the government as no right over them.

  91. surelythemiddlewayiscorrectlol

    You are a dangerous man, spewing ignorance.

  92. Druce

    The industry stand has much more bark than bite. I do not believe the industry is nearly as absolutist in practice as they must pretend to for the sake of trust in their brand. And sales in e.g. China depend on it.The picture I have is that by default, everything is backed up to the iCloud. It has to be accessible by Apple since otherwise they couldn’t restore it if you lost the phone/unlock code etc. All Apple is asking for is opt-in security which most people won’t opt in to.To be honest, I find it hard to reconcile support for Bitcoin with support for the government’s position on the iPhone. The minute Bitcoin is implicated in something like San Bernardino the government will make the same demands on Bitcoin, which is really the end of it. And Bitcoin really is designed to skirt the government’s ability to tax, print money, control payments and leverage that control to fight crime and/or exercise political control over people and policies of other governments.But blockchain could provide a useful part of a toolchain for transparent and open due process … sort of glue code between the judicial system and complex ecosystems run by a third party or decentralized third parties – http://blog.streeteye.com/b

  93. shan

    The problem is that your President is not my president, your laws are not the laws applicable in my country yet the device and software we use are the same. So if North Korea wants Apple to decrypt some iPhone what should Apple do? You can’t expect them to apply a different standard for the US government. That would be discriminatory towards its users. The problem is, laws are not built for global companies and there’s no way to fix that. The best course of action is to focus on your users. Apple has no other option.

  94. Prokofy

    I’m surprised you took this position, Fred, but it’s part of why I have admired you in the past, despite my profound concern about your tilt to the left and excusing of the technocommunists and for that matter, the technolibertarians.In the end, you care about civics and the community and “what’s good for the country” and not just your own business — and frankly that is far better than caring about the abstraction and dangerous fiction of “a better world” which is how many a techie justifies some resource-wasting, ridiculous or dangerous piece of tech that supposedly helps starving African children…As you can imagine, I fully support the FBI in their lawful and necessary request, with a warrant, for Apple’s technical help in obtaining vital information about the possible network of terrorists who killed people in our country. Instead of being a good corporate citizen, Apple is gambling on the hipster Snowdenian posturing of the crypto-anarchist, and this is dangerous for American and ultimately even for Apple. Tim Cook feels no shame in providing back doors for China as “a matter of trade” (!) while he postures at home and gets street cred with Snowden lovers. Despiccable.Here’s where I think you’re wrong — the techies are not going to help here. The will only divide, conquer and terrorize. They heap scorn on not only Congress and law-enforcers but the American people for being “too stupid” to understand that “math prevails.” As I continually point out to them, it’s a good thing atomic scientists didn’t take this attitude toward their inventions or the world might not even exist today. Note that only Russia’s nuclear system can produce people who poison a defector; whatever the horrors of excessive force in war perpetrated by America on Japan, which cannot be forgiven even if it “helped end the war” and was just war doctrine, the deliberate use of a nuclear power of radioactive substances to kill an enemy of the state is nuclear terrorism.So it really is like that. Profound pretense and ideological hubris pretending that “math” and “science” dictate this affair instead of common sense, good policy, humanity and the rule of law. The arguing that the back door will “spread” is specious reasoning and overlooks that the only way it could spread is if Apple has saboteurs within and ease of penetration without.The tech tribe, however, is hanging on to this one hard. Two years ago, when I wrote “Privacy for Me and Not for Thee” about Snowden and his pals, I thought the way that crypto anarchy would ensue would be some small company like Lavabits or Whispersystems or FreedomBox or some geeky little company would create a black box they couldn’t open, and triumphantly hand it out to their friends as “freedom”. It would spread and endanger the legitimate liberal democratic state. I thought the CCC would go on hacking iphones as they did every season. It never occurred to me that the behemoth of Apple, with all its wealth and hordes of cash and market penetration, would be the perpetrator of the crypto-anarchy that would undermine its very host country. I was wrong.We are now dealing indeed dealing with Mr. Lee’s Hong Kong, per Snowcrash. It’s Mr. Cook’s San Francisco. You may tweet your weak protest against is from your iPhone, as I do, while contract murders, drug addiction, child predation and organized anarchy spread all around you.As for Obama’s revolting attempt to flatter the tech sector into being cooperative, this isn’t going to work. Federal power turning off the electricity to Cupertino may be required, if we can achieve that without the use of iPhones. It’s going to be scary.And finally, as for your partners’ notion that we should just open up all data to foil the need for privacy, flood the market, so to speak, so that the new valued product is data mining instead of encryption, or merely “paying attention” as a blogger, I’m not convinced by that logic. Always there will be terrorists and criminals who won’t be willing to play the game millions of us already willingly play by putting so much up on social media. They will always use encryption that is hard to break and go on challenging the civil society. You can’t hope to undermine them by flooding. The prospect of a sizeable business sector of people who arrogate themselves above the rule of law while they harm public health and the public good is outrageous. This isn’t selling cigarettes, it’s selling the end of humanity and getting your way by controlling its outcome. It’s killer robots, where we finally learn that coders are the killers, not the robots.

  95. Marcus

    The “just abandon the framework that has worked in our society for hundreds of years” remark is bases on an implicit false assumption (that this traditional “framework” is one in which there is always some way for the government to access information). In fact, our society has always worked in a framework where some things (e.g. memories not committed to physical records, destroyed physical records) are simply inaccessible no matter what legal authorizations are presented.

  96. Joe Cardillo

    This is a good point, but worth noting that one of the conditions for the last 10-15 years that the FBI and other gov’t agencies have placed on tech co’s with these types of requests is that it’s done completely in the dark. In other words, the tendency regardless of who’s involved or what the type of info is —> “we’re going to compel you to do this, and you can’t alert anyone that their privacy is breached, nor can you provide your customers or users with any information about how these types of requests get made or what parameters they are made within.”FISA and Patriot Act requests, for example, have increased radically in the last decade, and while I see plenty of problems with how tech co’s approach security, until the gov’t is willing to establish a better framework than “hey we’re going after terrorists, give us everything whenever we want and you don’t get to question it or tell anyone” I think they are right to push back.

  97. Pajiba_Pragmatist

    Ann, can you provide any actual links to the claim on kidnapping? I note that FBI director Jim Comey was asked this very question at the Brookings event where he made his case for a “front door”. Comey could not provide a single example where a kidnapping victim was put at risk because data was not available. So far the “locked in the trunk of a car” scenario is strictly the land of make believe.Moreover, we allow all sorts of other devices in our lives that prevent law enforcement access to data – shredders don’t come with a chip for law enforcement, nor to fireplaces.

  98. 181

    An LEO’s job is not supposed to be easy. This is BY DESIGN. Read the bill of rights.Wouldn’t be easy to simply remove those rights and “trust” all LEOs and government officials? Sure, but that means the end of democracy.

  99. ZekeV

    I also have a number of friends in various law enforcement roles, state police, FBI, and DOJ. They have never once complained to me about gaining cooperation from tech companies in complying with warrants. Or are your friends frustrated at the lack of cooperation in warrantless requests? In which case, the fact that your friends even discuss these matters with you is problematic.

  100. Pajiba_Pragmatist

    That is a false dichotomy, one predicated on the belief that our society is somehow safer when that access is given. In fact, most Americans face a far greater risk to their selves from weak data protection in the form of identity theft. Contrary to what news channels try to push at you, Americans are far more physically safe than we have been since the 1950’s, and possibly ever, given the paucity of accurate crime statistics for communities of color.Moreover, the history of the FBI is replete with examples of information gathered “lawfully” being misused. For example, the FBI spied on Martin Luther King, discovered infidelity, and used that information to write an “anonymous letter” to convince him to commit suicide.Finally, this order is not about making people safe, it’s about what the government can mandate in terms of action by private citizens. If the government has the phone, then figure out how to break it – but requiring companies or individuals to write new software that would compromise all their users is an unacceptable overreach.

  101. ZekeV

    Of course not. However, I am skeptical of these concerns that you are citing. In the recent Apple case, the government had other ways to access the info they desired. Nevertheless, they argued (falsely, as far as I can tell) that they needed Apple to create an alternative iOS version that grants access to an encryption key stored on the device. I can imagine cases where this would in fact be required, but it doesn’t seem to be required in the case they chose to press this argument. I am amazed that there is not an actual, publicly-acknowledged case where this particular concern was a real, non-manufactured issue. I am not an expert on this area, so happy to be corrected if I’m wrong either on the technology or the law.

  102. LE

    If they can come into your home while you’re sleeping, snoop around, take what they need, and leave without you knowing, is that OK?Not understanding the comparison. With respect to this issue nobody is claiming that the government is requested a way to do this w/o the knowledge of the person who has or owns the device. [1][1] Of course if that was the case I’d be ok with it anyway but that is not what is being proposed or discussed.

  103. LE

    If you trust the government when they tell you “we’ll only snoop on the bad guys!” you haven’t been paying attention.I never said I trust that they only snoop on bad guys. Only that anything that I might do (that they might snoop on) doesn’t rise to the level of something that I think they can or will do anything about. When they start giving me speeding tickets for doing 65 in a 55 zone I will probably think more about this issue. [1]What is in your wallet or on your cell phone? Nothing in mine that I happen to care if the government gets. Edit: And while it would be unfortunate if what was on it was in the hands of criminals I try to limit the footprint of data on that device so that it’s not that big of an issue to me personally. And I feel that the level of encryption that was on the phone 5 years ago is sufficient for the actual risk that I have.Btw, I would like to know how many people drive around each and every day with laptops that aren’t encrypted and leave them in all sorts of places (like autos) where they could be stolen. Or in a hotel room.[1] Noting that red light cameras in my area were blown back because they actually have an impact that people can notice.

  104. LE

    Giving up your personal privacy because “you have nothing to hide” is simply ridiculous. So we can just leave it at “I have no problems with giving up my personal privacy in this particular situation” them. Not sure why I have to beat to your drum or anyone else’s on this. I care about what I care about, not what you care about. Of course if you want to give me some concrete downside risks as in “smoking can lead to lung cancer” then I am all ears. Not general “giving up your personal privacy is stupid” type arguments.jailed people for years without charging them with any specific crime, etc.Outlier concern. Not something I loose sleep over. Would you care to provide statistics on how likely in a country of over 300 million people that happens? Because I am more worried about my own set of outlier events with a small chance of happening. Not ones you and others want to highlight.You know there is a window in my bathroom where the house in the back, under certain circumstances, can probably see me in the bathroom. Now if I saw someone staring at me (I never have) I would probably be weirded out by it. But I don’t see anything so it’s not something that I think about. And the important thing is this. I could easily take steps to reduce the risk of being seen in the bathroom to zero but then again I’d have to put up an ugly shade or tint the windows. So the downside isn’t big enough for me to do that. Not something I care or worry much about. And if someone sees me, who gives a fucking shit anyway? It’s unfortunate of course that I can’t sue like Erin Andrews did because with the money I could buy more land.

  105. LE

    Can you show me any time the government has used all the surveillance they’ve put in to *stop* an attack preemptively?Sure as soon as they run ads or issue press releases (like investment banks do when they appoint managing directors). In other words they don’t need to do this PR and they will probably never do this PR. By the way I don’t hear about many of the positive things that they government does, only when they fuck up.This is really solid logic… since you’re ok with some strangers potentially seeing you naked, you should also allow the government unfettered access to personal data whenever they deem the person a “threat” ? Not the best analogy ever made.No I am ok with the government regarding this particular issue.See that is the good thing about AVC and my comments here. If you know me you would know that I often sprinkle my comments with personal anecdotes. The good thing is there are no grades here and I am not paid to do this. So I can essentially say what I want. I never said it was a close analogy by the way.

  106. jeromearmstrong

    Hi Charlie, it is an interesting moment. The Gov’t fears they have lost control, and they have.

  107. JLM

    .The gov’t knows they have lost control.The establishment is realizing they are losing control of their own political ambitions.The people are waking up to the idea they just might be in control.This is an interesting time to be alive. Might remind folks of the American Revolution.JLMwww.themusingsofthebigredca…

  108. JoeK

    Yes, my mistake!

  109. ShanaC

    probably can’t. long story as to why they can’t, and why I think they can’t, and I won’t discuss it in public, but probably can’t

  110. ShanaC

    I’d have a lot of explaining to do: i hear too much from a way too large of a group of people…

  111. ShanaC

    Fiance is a mathematician

  112. ShanaC

    Yes, I am engaged. and the man/dinosaur (he’s the dinosaur, I’m the fairy, moving on) is a mathematician, specifically a logician, though now moving in applied math/cs involving nlp while still doing work in logic

  113. ShanaC

    I can ask my fiance.

  114. Marcus

    If someone were selling door locks that absolutely could not be picked and windows that absolutely could not be broken, I’d definitely be interested, and would definitely not be interested in putting up with government busybodies telling me to stick with the old system and just suck it up if I get burgled.