FBI - Encryption is Great as Long as it Still Lets Us In

Uploaded on 2015-07-15 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

1389365257000-AP-State-Senator-Investigated-001.jpg

FBI Director James Comey

FBI Director James Comey defended his agency’s position that too-tough-to-crack encryption poses a threat to national security, arguing that terrorists are increasingly using the technology to lock out law enforcement and coordinate attacks.
Comey, in a brief op-ed appearing on the prominent national security blog Lawfare, said that “there are lots of good things” about universal strong encryption, such as expanded privacy and protection from cybercriminals. But those benefits must be balanced against the potential risks created by making it more difficult for the government to access the digital communications and data of those suspected of wrongdoing, he said.
“When the government’s ability—with appropriate predication and court oversight—to see an individual’s stuff goes away, it will affect public safety,” Comey wrote. “That tension is vividly illustrated by the current ISIL threat, which involves ISIL operators in Syria recruiting and tasking dozens of troubled Americans to kill people, a process that increasingly takes part through mobile messaging apps that are end-to-end encrypted, communications that may not be intercepted, despite judicial orders under the Fourth Amendment.”
Comey said that the same tension could be seen in domestic criminal investigations as well, adding that “there is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption.”
Comey’s post previews a showdown later this week on Capitol Hill, where he will testify before two powerful Senate committees on Wednesday about the dangers of law enforcement “going dark” in its investigations due to encryption. Comey will appear before the Intelligence Committee, a rare open hearing before the normally closed-door panel, and the Judiciary Committee.
The Obama administration has grown increasingly wary about encryption on smartphones ever since Apple and Google last year announced efforts to offer tighter security by default on their products. Earlier this year, President Obama warned that, “if we get into a situation which the technologies do not allow us at all to track somebody we’re confident is a terrorist … that’s a problem.”
But many cybersecurity experts strongly disagree with Obama and Comey. Many believe there is no such thing as a “golden key” for encryption that could allow law-enforcement, or national security professionals, access into an encrypted device without also creating a vulnerability that malicious hackers could exploit. A secret 2009 U.S. cybersecurity report obtained by Edward Snowden and published by The Guardian seemed to back that view up, warning that government and private computers are vulnerable to cyberattacks from Russia, China, and criminal actors if stronger encryption was not adopted across the board.
DefenseOne: http://bit.ly/1JdEgUX

« British PM Wants To Ban Encryption
Unlocking the Potential of the Internet of Things »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BH Consulting

BH Consulting

BH Consulting we are a vendor independent consulting firm providing market leading range of information security services focused on data protection and cybersecurity.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

Orange Cyberdefense

Orange Cyberdefense

Orange Cyberdefense is the expert cybersecurity business unit of the Orange Group, providing managed security, managed threat detection & response services to organizations around the globe.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

DigitalXRaid

DigitalXRaid

DigitalXRAID is driven and motivated to ensure the bad guys don’t win. We’re dedicated to providing our clients with state-of-the-art cyber security solutions.

Cloudrise

Cloudrise

Cloudrise are elevating cloud security, data protection, and privacy through assessment, technology enablement, and process automation.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

ERCOM

ERCOM

Ercom, a subsidiary of the Thales Group, is a French company known for its mobility security solutions.

ZEST Security

ZEST Security

The ZEST platform natively integrates into your technology stack to make efficient risk remediation possible.