[ NNSquad ] Why law enforcement may not *really* care so much about Encryption Now!
A number of persons have asked me why law enforcement and the government in general appear publicly to be demanding unencrypted access to (at least) all major encrypted communications systems, while -- in more private conversations -- they often seem to suggest that they already have "backdoor" means to deal with most popular systems when they really need to.

Clearly, having direct, centralized access to these systems' communications on demand and "in the clear" (unencrypted) makes surveillance operations a lot easier, but I think it's important to note the distinction between *subverting* a system and *bypassing* it. For example, you don't necessarily *need* a backdoor mechanism in PGP to capture associated communications in the clear, given the overall lack of security of PCs and related platforms in general. (However, directly subverting these packages can be easier than many people realize, due to sloppy key management practices by users and similar behaviors.)

By and large, my sense is that the law enforcement/security "workaround" for strong encryption is to try to contaminate the targets' computers directly. The key (no pun intended) is to plant a sufficiently sophisticated trojan on the machines of interest, either by somehow tricking the targets into installing it through any of a number of conventional means (such as "weaponized" email attachments), or by physically gaining access to the machines long enough to plug in a USB memory stick or CD for a few seconds. Once that's accomplished, you can use keyloggers and screen capture tools (plus you already have filesystem access) that don't actually "break" the encryption per se, but essentially bypass it in terms of collecting and transmitting the desired intelligence. Sooner or later, your targets are likely going to read or write the text of interest in the clear locally. That's when you nab it, and slip it out of the machine through any number of means. It's even possible to plant a tiny physical device inside the machine in many cases, providing even more direct access and a completely isolated (e.g. radio) communications channel.

That's the short summary for now, anyway. And by the way, if you ever find such a device in your equipment, be sure not to throw it out. The government may show up at your door demanding their expensive little gadget back, as they've done with people who have discovered government GPS locators planted on their vehicles. After all, budgets are tight, right?

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
 - PRIVACY Forum: http://www.vortex.com
Member: ACM Committee on Computers and Public Policy
Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein
Google Buzz: http://bit.ly/lauren-buzz
Quora: http://www.quora.com/Lauren-Weinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com