Risks of more spying, hacking called high
Win McNamee/Getty Images /File 2015
SAN FRANCISCO — An elite group of code makers and code breakers is taking American and British intelligence and law enforcement agencies to task in a new paper that evaluates government proposals to maintain special access to encrypted digital communications.
On Tuesday, the group — 13 of the world’s pre-eminent cryptographers, computer scientists, and security specialists — were to release the paper, which concludes there is no viable technical solution that would allow the US and British governments to gain “exceptional access” to encrypted communications without putting the world’s most confidential data and critical infrastructure in danger.
The report was to be released a day before James B. Comey Jr., director of the FBI, and Sally Quillian Yates, deputy attorney general, are scheduled to testify before the Senate Judiciary Committee on the concerns they have about “going dark” — the fear that new encryption technologies will prevent them from monitoring the communications of kidnappers, terrorists, and other adversaries.
The authors of the report said such fears did not justify risking the world’s digital communications.
Given the inherent vulnerabilities of the Internet, they argued, reducing encryption is not an option. Handing governments a key to encrypted communications would also require an extraordinary degree of trust. With government agency breaches now the norm — most recently at the Office of Personnel Management, State Department, and White House — the security specialists said authorities cannot be trusted to keep such keys safe from hackers and criminals. They added that if the United States and Britain mandated backdoor keys to communications, it would spur China and other governments in foreign markets to do the same.
“Such access will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend,” according to the report. “The costs would be substantial, the damage to innovation severe, and the consequences to economic growth hard to predict. The costs to the developed countries’ soft power and to our moral authority would also be considerable.”
While government pleas for exceptional access to encrypted files have drawn plenty of criticism from privacy advocates and technology companies, the report is the first in-depth, technical analysis of government proposals by leading cryptographers and security thinkers. The group — which includes Whitfield Diffie, a pioneer of public key cryptography, and Ronald L. Rivest, the “R” in the widely used RSA public cryptography algorithm — fought a similar proposal for encryption access in 1997.
Back then, the group analyzed the technical risks and practical shortcomings of a proposal in the Clinton administration called the Clipper chip. Clipper would have poked a hole in cryptographic systems by requiring technology manufacturers to include a small hardware chip in their products that would have ensured the government would always be able to unlock scrambled communications.
The group of cryptographers won that round. The Clinton administration, which had pushed for the Clipper chip, abandoned the effort after the group’s analysis showed it would have been technically unfeasible. An unlikely coalition of technologists, liberals, conservatives, and even evangelicals argued that the chip would destroy privacy. The final nail in the coffin came after Matthew Blaze, then a 32-year-old computer scientist at AT&T Bell Laboratories, discovered a flaw in the Clipper system that would have allowed anyone with technical know-how to get access to the key to encrypted communications. Now the group of cryptographers has convened for the first time since 1997.
“The decisions for policy makers are going to shape the future of the global Internet and we want to make sure they get the technology analysis right,” said Daniel J. Weitzner, head of the MIT Cybersecurity and Internet Policy Research Initiative. and a former deputy chief technology officer at the White House, who coordinated the latest report.
If US and British government proposals were carried out, those companies would have to ease such programs. In Britain, Prime Minister David Cameron has threatened to ban encrypted messaging apps.
In the United States, Michael S. Rogers, director of the NSA, has proposed that technology companies be required to create a digital key that could unlock encrypted communications, but divide the key so that it couldn’t be used by one person or government agency alone.
Massachusetts is set to become the seventh state to mandate family and medical leave — with pay. But it’s kind of complicated.Continue reading »
The newly-formed company from Warren Buffett, Jeff Bezos, and Jamie Dimon is reportedly looking for about 20,000 square feet of space in Boston.Continue reading »
Formed by billionaire investor Warren Buffett, Amazon’s Jeff Bezos, and JPMorgan Chase CEO Jamie Dimon, the company will be led by Brigham and Women’s surgeon Dr. Atul Gawande.Continue reading »
The ruling, which opened the door for states to collect sales taxes on products their residents buy from online retailers in other states, is a loss for Mass.-based online retailer Wayfair.Continue reading »
Plans for a Kendall Square restaurant eventually became the amazingly popular Venture Café.Continue reading »
The little-known company, a comparison shopping site for auto insurance, looks almost nothing like a hot consumer technology firm.Continue reading »
The wide-ranging “grand bargain’’ bill would also impose a small payroll tax on workers and employers to pay for the leaves.Continue reading »
Regulators increasingly worry that smaller banks, with less robust cyber security, will provide pathways into the US financial system.Continue reading »
It sounds like a preposterous idea: Collect a sample of every type of bacteria that lives in the human gut. But that’s the goal of Bernat Olle, an MIT-trained chemical engineer. Over the past three years, the Cambridge biotech startup he runs, Vedanta Biosciences Inc., has assembled a menagerie of some 60,000 bacteria types.Continue reading »