Re: F.B.I. Director to Call ‘Dark’ Devices a Hindrance to Crime Solving in a Policy Speech

[Note:  This comment comes from friend David Reed.  DLH]

From: dpreed@reed.com
Subject: Re: F.B.I. Director to Call ‘Dark’ Devices a Hindrance to Crime Solving in a Policy Speech
Date: October 17, 2014 at 15:46:58 EDT
To: dewayne@warpspeed.com

This is starting to sound like a replay of the “Crypto Wars” back in the early Clinton years.

What’s different, however, is that instead of the very limited needs of the NSA for national security that were being argued, now we are seeing that the FBI, a police agency and not a national security agency, a crucial difference, is seeking “total” rights to surveillance and search, and since its mission is largely inside the US, in domestic matters.

My public role in the Crypto Wars was (along with others of like minds) pointing out that the entire US economy relies on safe and private communications, and that products like Lotus Notes (the first commercial product to adopt RSA’s public key encryption as an always-on *standard* for intra- and inter-enterprise communications) needed protection of a very strong sort.

The NSA, of course, has many routes to defeat encryption – its work factor is small because one can acquire keys for even the strongest encryption algorithms quite easily, if you are willing to operate in the dark and outside the rule of law that they must obey in the US. The analogy is that you can enter a doublebolt locked house quite easily if you are willing to use kinetic methods – security is no stronger than the weakest link.

But what the FBI is seeking is a widespread weakening of all communications in the US to make it trivial to break into any phone, any computer, … without detection at all, and without any ability to know either before or after that they have broken in.

This would apply to businesses, to health care providers, to psychiatrists, … and would be able to infer enormous amounts of information about people from records kept in other people’s devices.

There’s no one specific “evil” result to be a fear-monger about – there is a combinatorial explosion of such bad opportunities that the mind boggles.  They can even automate the surveillance with “big data analytics” to combine such information, as we have seen.  Judges routinely approve “search queries” on large databases of collected information that search on broad terms, yet the claim continues that if a “computer” does the searching, it’s not a human law enforcement officer doing the search, so it’s not covered by any precedents about unreasonable search and seizure.

Generally, our society needs a police function.  But “policing” neither requires nor means “super powers”.  (well, except in TV dramas like Scorpion where a call to some friend in the pentagon can rain full-dress, masked Special Forces down on any place in the US with automatic weapons and grenade launchers).

And in our normal society, we don’t have the FBI constantly rummaging around in every executive’s contact list or operating cameras inside every private company’s place of business.   THey are not, by default, given access to the phone calls of doctors with patients, doctors with doctors, etc. to try to see if there is any evidence of wrongdoing.

Yet this appears to be what the FBI wants – no privacy barriers preventing their privileged recording of anything they want to, and since they are a law-enforcement agency that depends on state law-enforcement cooperation, they’d presumably urge the same powers for state and local police as well, and perhaps other Federal Law enforcement, such as the National Parks Service, etc. (at least through the Fusion Centers).

They appeal to a paranoid idea: that we the people are so untrustworthy and our natural environment so filled with “bad guys” that we must all be watchable all of the time.

Crime is going down every year – statistics back that up.  But by playing with the country’s fears, it seems to me that we are in danger of confusing the police’s interests with the interest of the people.

As I opened this comment, there is something strange going on when we start seeing the police wanting to be all-powerful, and arguing that they need to be.  This has me more worried than I was when the NSA was seeking to weaken or prevent commercial and private encryption.

FBI Director James Comey: ‘Going Dark: Are Technology, Privacy, and Public Safety on a Collision Course?’
Oct 16 2014
<http://www.fbi.gov/news/speeches/going-dark-are-technology-privacy-and-public-safety-on-a-collision-course>

Los Angeles court got license plate reader ruling totally wrong, groups say

Los Angeles court got license plate reader ruling totally wrong, groups say
In appeal, ACLU and EFF say court has “fundamental misunderstanding” of LPRs.
By  Cyrus Farivar
Oct 16 2014
<http://arstechnica.com/tech-policy/2014/10/los-angeles-court-got-license-plate-reader-ruling-totally-wrong-groups-say/>

Two activist groups have filed an appeal in their lawsuit against the Los Angeles Police Department and the Los Angeles Sheriff’s Department to access one week’s worth of license plate reader data. The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Southern California (ACLU SoCal) lost their case before a Los Angeles Superior Court judge last month.
In May 2013, the American Civil Liberties Union of Southern California and the Electronic Frontier Foundation sued the law enforcement agencies in an attempt to compel the agencies to release a week’s worth of LPR data from a particular week in August 2012.

The judge in the lower court ruling found that the law enforcement agencies could withhold such license plate reader (LPR) records through a particular exemption under the California Public Records Act that allows investigatory records to be kept private.

In their Tuesday court filing, the groups argued to the appellate court that such a finding “demonstrates a fundamental misunderstanding of how the technology operates and of Petitioners’ purpose in seeking these records.”

They continued, “Second, based in part on its misunderstanding of the technology, the Superior Court held that ALPR data—collected indiscriminately on all Los Angeles drivers—constitutes ‘records of . . . investigations’ under § 6254(f). This holding means that all vehicles on the streets of Los Angeles are constantly under investigation, a conclusion that simply does not fit with common understanding of the term ‘investigation,’ and which inappropriately expands the scope of § 6254(f) beyond all precedent.”

In late July 2012, the ACLU and its affiliates sent requests to local police departments and state agencies across 38 states to request information on how LPRs are used.

LAPD has 242 car-mounted cameras

As Ars has previously reported, LPRs are used in cities big and small across the United States. Typically, the specialized cameras scan a given plate using optical character recognition technology, checking that plate against a “hot list” of stolen or wanted vehicles. The device typically records the date, time, and GPS location of any plate that it sees.

The cameras scan at an extremely high rate, usually around 60 plates per second. Law enforcement policies vary widely concerning how long that information can be retained. Different agencies keep that data anywhere from a few weeks to indefinitely. Some cities have even mounted such cameras at their city borders, monitoring who comes in and out. Various jurisdictions disagree about whether individuals can access their own LPR records, much less a broader dataset.

[snip]

FBI Director James Comey: ‘Going Dark: Are Technology, Privacy, and Public Safety on a Collision Course?’

FBI Director James Comey: ‘Going Dark: Are Technology, Privacy, and Public Safety on a Collision Course?’
Oct 16 2014
<http://www.fbi.gov/news/speeches/going-dark-are-technology-privacy-and-public-safety-on-a-collision-course>

Remarks as delivered.

Good morning. It’s an honor to be here.

I have been on the job as FBI Director for one year and one month. I like to express my tenure in terms of months, and I joke that I have eight years and 11 months to go, as if I’m incarcerated. But the truth is, I love this job, and I wake up every day excited to be part of the FBI.

Over the past year, I have confirmed what I long believed—that the FBI is filled with amazing people, doing an amazing array of things around the world, and doing them well. I have also confirmed what I have long known: that a commitment to the rule of law and civil liberties is at the core of the FBI. It is the organization’s spine.

But we confront serious threats—threats that are changing every day. So I want to make sure I have every lawful tool available to keep you safe from those threats.

An Opportunity to Begin a National Conversation

I wanted to meet with you to talk in a serious way about the impact of emerging technology on public safety. And within that context, I think it’s important to talk about the work we do in the FBI, and what we need to do the job you have entrusted us to do.

There are a lot of misconceptions in the public eye about what we in the government collect and the capabilities we have for collecting information.

My job is to explain and clarify where I can with regard to the work of the FBI. But at the same time, I want to get a better handle on your thoughts, because those of us in law enforcement can’t do what we need to do without your trust and your support. We have no monopoly on wisdom.

My goal today isn’t to tell people what to do. My goal is to urge our fellow citizens to participate in a conversation as a country about where we are, and where we want to be, with respect to the authority of law enforcement.

The Challenge of Going Dark

Technology has forever changed the world we live in. We’re online, in one way or another, all day long. Our phones and computers have become reflections of our personalities, our interests, and our identities. They hold much that is important to us.

And with that comes a desire to protect our privacy and our data—you want to share your lives with the people you choose. I sure do. But the FBI has a sworn duty to keep every American safe from crime and terrorism, and technology has become the tool of choice for some very dangerous people.

Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public safety problem. We call it “Going Dark,” and what it means is this: Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism even with lawful authority. We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.

We face two overlapping challenges. The first concerns real-time court-ordered interception of what we call “data in motion,” such as phone calls, e-mail, and live chat sessions. The second challenge concerns court-ordered access to data stored on our devices, such as e-mail, text messages, photos, and videos—or what we call “data at rest.” And both real-time communication and stored data are increasingly encrypted.

Let’s talk about court-ordered interception first, and then we’ll talk about challenges posed by different means of encryption.

In the past, conducting electronic surveillance was more straightforward. We identified a target phone being used by a bad guy, with a single carrier. We obtained a court order for a wiretap, and, under the supervision of a judge, we collected the evidence we needed for prosecution.

Today, there are countless providers, countless networks, and countless means of communicating. We have laptops, smartphones, and tablets. We take them to work and to school, from the soccer field to Starbucks, over many networks, using any number of apps. And so do those conspiring to harm us. They use the same devices, the same networks, and the same apps to make plans, to target victims, and to cover up what they’re doing. And that makes it tough for us to keep up.

If a suspected criminal is in his car, and he switches from cellular coverage to Wi-Fi, we may be out of luck. If he switches from one app to another, or from cellular voice service to a voice or messaging app, we may lose him. We may not have the capability to quickly switch lawful surveillance between devices, methods, and networks. The bad guys know this; they’re taking advantage of it every day.

In the wake of the Snowden disclosures, the prevailing view is that the government is sweeping up all of our communications. That is not true. And unfortunately, the idea that the government has access to all communications at all times has extended—unfairly—to the investigations of law enforcement agencies that obtain individual warrants, approved by judges, to intercept the communications of suspected criminals.

Some believe that the FBI has these phenomenal capabilities to access any information at any time—that we can get what we want, when we want it, by flipping some sort of switch. It may be true in the movies or on TV. It is simply not the case in real life.

It frustrates me, because I want people to understand that law enforcement needs to be able to access communications and information to bring people to justice. We do so pursuant to the rule of law, with clear guidance and strict oversight. But even with lawful authority, we may not be able to access the evidence and the information we need.

Current law governing the interception of communications requires telecommunication carriers and broadband providers to build interception capabilities into their networks for court-ordered surveillance. But that law, the Communications Assistance for Law Enforcement Act, or CALEA, was enacted 20 years ago—a lifetime in the Internet age. And it doesn’t cover new means of communication. Thousands of companies provide some form of communication service, and most are not required by statute to provide lawful intercept capabilities to law enforcement.

What this means is that an order from a judge to monitor a suspect’s communication may amount to nothing more than a piece of paper. Some companies fail to comply with the court order. Some can’t comply, because they have not developed interception capabilities. Other providers want to provide assistance, but they have to build interception capabilities, and that takes time and money.

The issue is whether companies not currently subject to the Communications Assistance for Law Enforcement Act should be required to build lawful intercept capabilities for law enforcement. We aren’t seeking to expand our authority to intercept communications. We are struggling to keep up with changing technology and to maintain our ability to actually collect the communications we are authorized to intercept.

And if the challenges of real-time interception threaten to leave us in the dark, encryption threatens to lead all of us to a very dark place.

Encryption is nothing new. But the challenge to law enforcement and national security officials is markedly worse, with recent default encryption settings and encrypted devices and networks—all designed to increase security and privacy.

With Apple’s new operating system, the information stored on many iPhones and other Apple devices will be encrypted by default. Shortly after Apple’s announcement, Google announced plans to follow suit with its Android operating system. This means the companies themselves won’t be able to unlock phones, laptops, and tablets to reveal photos, documents, e-mail, and recordings stored within.

Both companies are run by good people, responding to what they perceive is a market demand. But the place they are leading us is one we shouldn’t go to without careful thought and debate as a country.

At the outset, Apple says something that is reasonable—that it’s not that big a deal. Apple argues, for example, that its users can back-up and store much of their data in “the cloud” and that the FBI can still access that data with lawful authority. But uploading to the cloud doesn’t include all of the stored data on a bad guy’s phone, which has the potential to create a black hole for law enforcement.

[snip]

Google tests waters for potential ultra-fast wireless service

Google tests waters for potential ultra-fast wireless service
By ALEXEI ORESKOVIC
Oct 15 2014
<http://www.reuters.com/article/2014/10/15/us-google-wireless-idUSKCN0I42TN20141015>

(Reuters) – Google Inc is preparing to test new technology that may provide the foundation for a wireless version of its high-speed “Fiber” Internet service, according to telecommunication experts who scrutinized the company’s regulatory filings. 

In a public but little-noticed application with the U.S. Federal Communications Commission on Monday, Google asked the agency for permission to conduct tests in California across different wireless spectrums, including a rarely-used millimeter-wave frequency capable of transmitting large amounts of data.

It is unclear from the heavily redacted filing what exactly Google intends to do, but it does signal the Internet giant’s broader ambition of controlling Internet connectivity. The technology it seeks to test could form the basis of a wireless connection that can be broadcast to homes, obviating the need for an actual ground cable or fiber connection, experts say.

By beaming Internet services directly into homes, Google would open a new path now thoroughly dominated by Verizon, AT&T, Comcast and other entrenched cable and broadband providers. It could potentially offer a quicker and cheaper way to deliver high-speed Internet service, a potential threat to the cable-telecoms oligopoly, experts said.

“From a radio standpoint it’s the closest thing to fiber there is,” said Stephen Crowley, a wireless engineer and consultant who monitors FCC filings, noting that millimeter frequencies can transmit data over short distances at speeds of several gigabits per second.

“You could look at it as a possible wireless extension of their Google Fiber wireless network, as a way to more economically serve homes. Put up a pole in a neighborhood, instead of having to run fiber to each home,” said Crowley.

Craig Barratt, the head of the Google Access and Energy division leading the effort to offer high-speed fiber networks in Kansas City and other locations, signed off as the authorized person submitting Google’s FCC application.

The world’s No.1 Internet search engine has expanded into providing consumers with services such as Internet access. The company said it wants to roll out its high-speed Internet service to more than 30 U.S. cities, and in 2013 it struck a deal to provide free wireless Internet access to 7,000 Starbucks cafes across America. 

Earlier this year, technology news website The Information reported that Google was exploring ways to offer a full-fledged wireless service, with voice and Internet access, in markets where the company already offers its Fiber service. 

Google’s application to conduct the 180-day test is heavily redacted to protect confidential information that Google said would provide “valuable insight into Google’s technology innovations and potential business plans and strategy.” 

The purpose of the test is so that Google can “expeditiously test radios in a way that is likely to contribute to the development, extension, expansion or utilization of the radio art,” Google stated cryptically in one of the filings. 

Google declined to comment on the FCC filing.

[snip]

Google and Apple attack difficult tablet market

Google and Apple attack difficult tablet market
New iPad details leaked on day Google shows off first Nexus phablet, but tablets will not offset slowing smartphone growth
By CAROLINE GABRIEL
Oct 16 2014
<http://www.rethink-wireless.com/2014/10/16/google-apple-attack-difficult-tablet-market.htm>

Google and Apple are both launching tablets this week, and facing up to the inherent problem with this form factor – consumers upgrade them far more rarely than smartphones. As handset sales growth slows, especially in developed markets, tablets will not provide an adequate replacement, especially as their prices have fallen at a far more rapid rate than those of early smartphones. Therefore all the vendors will urgently need to stoke customer interest in alternative, and perhaps more disposable, devices, such as smartwatches, to offset the impending cellphone (and PC) slowdown. 

The iPad has had a very different buying pattern to its handset stablemates, and its contribution to Apple’s results is far more erratic. While smartphone upgrade cycles have been reduced to between one and two years, tablets are three years or more. About 14% of iPads in use in the US are still original 2010 models, according to analysis by Kantar Worldpanel. About one-third of the base is iPad 2, while the one-year old iPad Air comprises only 9%. 

Another problem for sales is that users are more likely to hand down an older model to a family member or friend, or to share one tablet between a whole family. Kantar’s Carolina Milanesi told CNET: “Everyone wants a phone, and everyone wants their own phone. Tablets are different.”

Gartner says that growth in tablet sales is “slowing quickly” and will be only 11% this year in unit terms, to reach about 229m devices – last year’s year-on-year leap was 55%. The iPad family is the market leader with 27% share in the second quarter, followed by Samsung on 17% with Galaxy Note and Tab. But the iPad has fallen as a percentage of Apple’s sales, to 16% in its fiscal third quarter from 18% a year earlier, at a time when the Macs are growing.

So the new iPad models will be important to the holiday season performance. In a rare blunder, Apple seemed to have leaked details of the new iPads, expected to be the centrepiece of its Thursday launch event, by mistake, rather than by design. An image published on the company’s iPad User Guide for iOS 8 on Wednesday suggested that the event would produce an iPad Mini 3 and an iPad Air 2.

There appeared to be nothing very new about the devices, which had similar physical designs and user interfaces to their predecessors, suggesting a fairly workaday upgrade event – though, of course, there was plenty of speculation about other new products such as a revamped Apple TV. 

The main new tablet feature revealed in the online document was the addition of the TouchID fingerprint sensor, which is already part of the new iPhones and Apple Pay. The new Mini and iPad Air sport iSight and FaceTime cameras, volume buttons and headset jacks, and the Mini 3 also has a nanoSIM slot for mobile broadband connectivity.

[snip]

F.B.I. Director to Call ‘Dark’ Devices a Hindrance to Crime Solving in a Policy Speech

F.B.I. Director to Call ‘Dark’ Devices a Hindrance to Crime Solving in a Policy Speech
By MICHAEL S. SCHMIDT
Oct 16 2014
<http://www.nytimes.com/2014/10/17/us/politics/fbi-director-in-policy-speech-calls-dark-devices-hindrance-to-crime-solving.html>

WASHINGTON — In his first major policy speech as director of the F.B.I., James B. Comey on Thursday plans to wade deeper into the debate between law enforcement agencies and technology companies about new programs intended to protect personal information on communication devices.

Mr. Comey will say that encryption technologies used on these devices, like the new iPhone, have become so sophisticated that crimes will go unsolved because law enforcement officers will not be able to get information from them, according to a senior F.B.I. official who provided a preview of the speech.

The speech was prompted, in part, by the new encryption technology on the iPhone 6, which was released last month. The phone is the first one that thwarts intelligence and law enforcement agencies, like the National Security Agency, from gaining access to it, even if the authorities have court approval.

The F.B.I. has long had concerns about devices “going dark” — when technology becomes so sophisticated that the authorities cannot gain access. But now, Mr. Comey said he believes that the new encryption technology has evolved to the point that it will adversely affect crime solving.

He will say in the speech that these new programs will most severely affect state and local law enforcement agencies, because they are the ones who most often investigate crimes like kidnappings and robberies in which getting information from electronic devices in a timely manner is essential to solving the crime.

They also do not have the resources that are available to the F.B.I. and other federal intelligence and law enforcement authorities in order to get around the programs.

Mr. Comey will cite examples of crimes that the authorities were able to solve because they gained access to a phone.

“He is going to call for a discussion on this issue and ask whether this is the path we want to go down,” said the senior F.B.I. official. “He is not going to accuse the companies of designing the technologies to prevent the F.B.I. from accessing them. But, he will say that this is a negative byproduct and we need to work together to fix it.”

Mr. Comey is scheduled to give the speech — titled “Going Dark: Are Technology, Privacy and Public Safety on a Collision Course?” — at the Brookings Institution in Washington.

Mr. Comey took over as the F.B.I. director in September 2013, and he received little national attention. He spent a significant amount of time crisscrossing the country to visit nearly each of the F.B.I.’s 56 field offices. At each stop, he gave a briefing to members of the local news media, although those rarely generated significant news.

In recent weeks, however, he has been far more visible. For the past two Sundays, he has been featured on the CBS News program “60 Minutes.” Jimmy Fallon, host of “The Tonight Show” on NBC, even chided him for his response to a question on “60 Minutes.”

And, he has latched on to the encryption issue, repeatedly criticizing Apple.

In the interview that aired on “60 Minutes” on Sunday, Mr. Comey said that “the notion that we would market devices that would allow someone to place themselves beyond the law troubles me a lot.”

He said that it was the equivalent of selling cars with trunks that could never be opened, even with a court order.

“The notion that people have devices, again, that with court orders, based on a showing of probable cause in a case involving kidnapping or child exploitation or terrorism, we could never open that phone?” he said. “My sense is that we’ve gone too far when we’ve gone there.”

Time zones, fiberglass, and frozen peas: PBS answers How We Got To Now

Time zones, fiberglass, and frozen peas: PBS answers How We Got To Now
Tech historian Steven Johnson connects the dots of innovation—and hates on Gutenberg.
By  Sam Machkovech
Oct 15 2014
<http://arstechnica.com/gaming/2014/10/time-zones-fiberglass-and-frozen-peas-pbs-answers-how-we-got-to-now/>

Welcome to the fuzzy, friendly era of modern mainstream science. Radiolab, Mythbusters, and varied radio and TV shows hosted by Neil DeGrasse Tysonand Bill Nye have injected humor, bombast, and likeability into the medium’s weirdest stories (not to mention a zillion science-friendly GIFs into an average day of web browsing).

That trend goes some way in explaining the latest co-production from the BBC and NPR, which has decided on a host-first approach for their latest six-part series, How We Got To Now. But with longtime technology and science historian Steven Johnson at the helm, the perspective is a little different—not about otherworldly sights and jaw-dropping discoveries, but about finding the extraordinary in the ordinary.

As a result, the episode titles sound pretty boring, with themes like “cold,” “sound,” and “glass” dominating each hour-long dive into history. But while the series probably won’t make Johnson a Tyson-esque giant of popular science, the stories of How We Got To Now aren’t just a surprising look at how innovations beget innovations. They’re also an infinitely watchable greatest-hits look at Johnson’s impressive tech-history career.

“Let’s make each episode be one ordinary thing that we don’t even think of technology anymore,” Johnson says about the series’ genesis via phone from his home office in Marin County, California. “Not an episode on the smartphone or GPS, but, like, clean drinking water or glass. Then tell the thousand-year history behind that thing.”

From Compuserve to OS X

The show traces its origins from various books Johnson has written, most particularly 2011’s Where Good Ideas Come From, which enjoyed extra attention thanks to a TED talk and an animated video of the same name, each of which attracted millions of views (and got PBS’ attention). It’d be a series about the history of innovation, because his career had already been obsessed with the history of innovation.

The author and host, a graduate of Columbia University’s English literature program, found his career beginning in the early ’90s with a juggle of “19th century literature, like Dickens and Middlemarch, and pre-web online communities like Compuserve, ECHO, and the WELL. For a while, I was living in two different worlds, one of literary history and one of the future.”

Johnson needed over three years to convince publishing houses that his first book pitch, dedicated to the idea of “computer interface design as a cultural force,” was worth chasing, which he said earned him laughs and mockery for a few years afterward. “But fast forward to the future, and how many words are those dissections of OS X you run?” Johnson asks. “A 40,000 word critique of a new operating system? That’s what I mean!”

He followed that debut with looks at technologically fueled pop culture (Everything Bad Is Good For You), the cholera epidemic (The Ghost Map), and chemistry’s place in the American Revolution (The Invention of Air). While Johnson wastes no time in pointing out his lack of scientific training, he has more than made up for it with over a decade of books that deftly combine technology, science, history, and painstaking research.

Let’s go skiing in Dubai!

On How We Got To Now, Johnson combines a lot of details from his past books, like research on cholera and thoughts on the rise of air conditioning, to fit each of the series’ six themes: cold, clean, sound, light, glass, and time. But even if you’re a storied Johnson fan, a few surprises await, mostly in the form of how seemingly disparate innovations couldn’t exist without each other.

For starters, Johnson argues in our conversation—almost too vociferously—that Gutenberg’s biggest impact on the world wasn’t the printing press itself.

[snip]