National Security Agency Director Adm. Mike Rogers said Thursday that “encryption is foundational to the future,” and arguing about it is a waste of time.
Speaking to the Atlantic Council, a Washington, D.C., think tank, Rogers stressed that the cybersecurity battles the U.S. is destined to fight call for more widespread use of encryption, not less. “What you saw at OPM, you’re going to see a whole lot more of,” he said, referring to the massive hack of the Office of Personnel Management involving the personal data about 20 million people who have gotten background checks.
“So spending time arguing about ‘hey, encryption is bad and we ought to do away with it’ … that’s a waste of time to me,” he said, shaking his head.
“So what we’ve got to ask ourselves is, with that foundation, what’s the best way for us to deal with it? And how do we meet those very legitimate concerns from multiple perspectives?”
Other government officials — most notably FBI Director James Comey — have been crusading for a way that law enforcement can get access to encrypted data.
But technologists pretty much universally agree that creating some sort of special third-party access would weaken encryption to the point that it would threaten every internet transaction we make, from online banking to filling out our health records to emailing our friends and significant others. A hole in encryption for special FBI access would be a hole that criminals could sneak through, too.
While there’s been a lot of talk about giving up some privacy for security, Rogers said both are paramount.
“Concerns about privacy have never been higher. Trying to get all those things right, to realize that — it isn’t about one or the other,” he said. He does not think that “security is the imperative and that ought to drive everything.” Nor should privacy, he continued. “We’ve got to meet these two imperatives. We’ve got some challenging times ahead of us, folks.”
Comey, who formerly advocated for a way to get law enforcement access without weakening encryption, recently switched tactics. Now he is pressuring companies to change their business models and simply not offer true end-to-end encryption to their customers.
The White House has decided not to pursue legislation to outlaw unbreakable end-to-end encryption, following pressure from privacy advocates and scientists. But the intelligence community’s top lawyer, Bob Litt, privately advised the administration that a major terrorist attack could be an opportune moment to do so.
And the White House has not issued a statement in defense of encryption, to the frustration of Apple CEO Tim Cook, among others.
Meanwhile, Sens. Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., are reportedly planning their own proposed legislation to require law enforcement access.
Rogers’ comments could indicate a split on this issue between the intelligence community and domestic law enforcement.
A former NSA director, Michael Hayden, said in January that he thinks Comey is on the wrong side of this debate. “I disagree with Jim Comey. I actually think end-to-end encryption is good for America,” he said.
Hayden has also spoken about how U.S. intelligence agencies have figured out how to get the information they need without weakening encryption — such as using metadata, which shows who is contacting whom. Another former NSA boss, Mike McConnell, has also spoken out against trying to install backdoors in encryption.
Left unsaid is the fact that the FBI and NSA have the ability to circumvent encryption and get to the content too — by hacking. Hacking allows law enforcement to plant malicious code on someone’s computer in order to gain access to the photos, messages, and text before they were ever encrypted in the first place, and after they’ve been decrypted. The NSA has an entire team of advanced hackers, possibly as many as 600, camped out at Fort Meade.
Watch Rogers’ talk here:
Top photo: NSA Director Adm. Michael Rogers.
They (the NSA and other law Enforcement agencies ) will have to go back to standard police work that is, solving crimes instead of preventing them.
We, the people, will just have to live some element of risk.
Sounds leget….maybe all the alphabet agencies should have a back door in everything, I’m sure they would never misuse it. ROLMAO!
Fair’s fair – if they give us backdoor access to all of their communications, they can have the same. (And they say that Hillary’s not ahead of the game.)
Dianne Feinstein is an ad hominem hyperbole acerbic vitriol.
You no make no sense.
Technology companies, around the world, will NOT comply with ‘mandatory’ crackability… They will tell you to pound sand so far up your backside you’ll never have another average day in any bathroom…
“The White House has decided not to pursue legislation to outlaw unbreakable end-to-end encryption, following pressure from privacy advocates and scientists. But the intelligence community’s top lawyer, Bob Litt, privately advised the administration that a major terrorist attack could be an opportune moment to do so.” Shouldn’t that read “a major false flag attack”?
Dear Jenna,
Agreeing with most of the perfectly legitimate objections and serious doubts regarding the declarations of Mike Rogers already in the comments, I can’t imagine what changed his position so drastically in such little time.
A little less than a year ago, he manifested essentially the same position as FBI director Comey, at the Cybersecurity for a New America : Big Ideas and New Voices event, held on February 23, 2015 (https://www.newamerica.org/new-america/cybersecurity-for-a-new-america/ The fifth video downwards).
Even Bruce Schneier got to ask him a question regarding the issue.
I seriously doubt Rogers has been watching too many Bruce Schneier videos on youtube, but we can be certain that there’s a decision behind going from pretending he doesn’t know how encryption works, to being illuminated and correct the FBI and some people in Congress, who have once again been pushing against end-to-end encryption, and all in less than a year.
As much as we are all used to lip service and opportunistic declarations in American politics, this change can hardly go unnoticed. Any takes on that?
Cheers!
Cheers!
So the NSA has broken every encryption known to man and the FBI/CIA want them to share? That’s pretty much what this indicates to anybody paying attention…
No, they are bound by the same laws of physics like the rest of us. Stop spouting nonsense.
Well, they would be bound by the same limits if we were all privy to a million square feet building with a computer designed to gather and decode a billion tetrabytes.
It’s not physics limits, but computer limits-two different things.
What they are doing is taking advantage of known flaws in cryptographic primitives that were warned about for many years and no one listened. I don’t know why people seem to think that what they’re doing is new or evolutionary.
A small percentage of what the NSA and FBI do is totally legitimate and in the name of national security, so they should be given credit for that small portion of cases.
“Mission-Creep” seems to be the biggest enemy. Most government agencies don’t shrink or grow in proportion to the current threat or current priorities. For example: Antibiotics overuse, lightning strikes and some sports like football are far bigger threats than terrorism but those agencies will never shrink in size even if we win the so-called War on Terror – they simply find new non-terrorism targets.
Also the 4th Amendment is chronological – not preemptive – these practices turn the United States into a “guilty until proven innocent” justice system. It starts a search prior to a crime happening instead of following a crime.
Although these agencies do some great work on a small percentage of cases, not everything is their business! The Bill of Rights guarantees the right of citizens to be left alone.
These searches without a judicial warrant creates a preemptive practice like the movie “Minority Report” where citizens are punished and destroyed without ever committing a crime. This empowers government officials to act as a nanny-state where private citizens have uninvited “handlers”. Of course the nanny-state doesn’t follow it’s own oath of office to follow the U.S. Constitution.
“They who would give up an essential liberty for temporary security, deserve neither liberty or security.”
Benjamin Franklin
These kind of discussions remind me of talks I have with my father. I tell him if the govt says much of anything it’s at best shrouded half truths. Is the FBI just trying to make their jobs easier or, as I believe, they want the encryption talk to hide they already illegally tap into encrypted messages? So, just cut to the chase and tell us we now DON’T have any privacy or have any right to it. I don’t believe any fucking thing the govt “officially” claims, nothing at all and don’t ever see it going backwards. We now just have to be careful with what we do or say.
Sick of Government Spying, Americans Launch #TakeCTRL Campaign
23:15 21.01.2016 (updated 03:29 22.01.2016)
http://sputniknews.com/us/20160121/1033519635/government-spying-takectrl-campaign.html
Thinking a little out of the article’s focus:
Even if US-companies are enfored to implement backdoor by law, internet is still borderless. An prohibition of strong crypto in the US would lead to increased crypto-developement in Non-US parts of the world, e.g. Europe, which would be still usable.
Is this a door opener for a Western Firewall?
“The White House has not issued a statement in defense of encryption.” Doesn’t this count:
http://m.theregister.co.uk/2015/02/18/obama_backs_strong_crypto/
“Left unsaid is the fact that the FBI and NSA have the ability to circumvent…”
Left unsaid is “backdoors”.
It doesn’t matter what any of them say, as they all learn in Intelligence 101 that disinformation, misinformation and obfuscation are basic tenets. I found out early on that nothing is as it seems.
Are you sure nothing is as it seems, or does it just seem that way?
How naive does he thing the public is? How many times has the CIA and NSA lied to the public. What a crock a shit. They belong behind bars! They’ve just spawned a whole new generation of what it means to be a sane conservative and I voted for Obama both time. There’s a whole new generation of people who hate the government because of their warrantless interventions in innocent people lives.
The NSA and CIA have lied to the public so many times, I don’t believe a word they say. This is lip service to the naive. They just spawned a generation of new conservatives who hate government, and I used to be a D
Go directly to 65:00 and listen carefully. What a hoot! 14 yrs of protection? Ha! Too much bullshit! Too much! Lol!
We don’t violate the law. – NSA Director Adm. Michael Rogers Lol!
US, coalition looks to boost propaganda war on Islamic State | BY LOLITA C. BALDOR
JAN. 21, 2016 12:40 PM EST
[Excerpts]
“We’re having some success, we’re going to have more in the future, I would like to have even more, but democracies are slow, and they only tell the truth,” said [Ashton] Carter. “And in a message-driven Internet world, that puts you at a structural disadvantage compared to people who are nimble, agile, and lie. But we ought to try to do better.”
(…)
He said officials need to do more to encourage Internet providers to try to limit extremists’ use of the Internet as a recruitment tool, without unduly impeding online freedom.
“We have to eliminate their ability to exploit the Internet,” said Carter, “which is supposed to be a tool of civilization, of human communication, human understanding, human commerce, and not be used as an instrument for evil.”
http://bigstory.ap.org/article/fb751b7598654608ba946c774c555981/us-coalition-looks-boost-propaganda-war-islamic-state
The NSA, with a national security mandate, is free to hack into any computer it wishes. Its ultimate goal is to pwn every computer connected to the internet and create a giant global botnet. Encryption does not pose a barrier to this plan. In fact, it is an essential component of it.
The FBI must deal with rules of admissibility of evidence in court, and parallel construction can only go so far. They don’t want to be reliant on the NSA to provide them with information.
Hence the divergence of tactics. Ultimately, however, once the US government owns the internet, the various agencies will find a way to divide up the spoils. The average person shouldn’t worry too much about which vulture gets to pick over their carcass.
I probably made this sound too easy for the United States.
There will of course be a global cyber war, with the United States, China and Russia making incursions into each others networks. Cyber territory will be captured, lost and then recaptured. Eventually an uneasy equilibrium should develop, with the world divided into three power blocs: Oceania, Eurasia and Eastasia. I would like Oceania to take it all, but I recognize that every country needs at least one ally and one enemy.
Interesting. I guess we’re finding out whose three letter agency can crack (or circumvent) the encryption and whose can’t.
In other words “We already own everyone’s hard drive firmware so go ahead and encrypt to keep everyone else out”.
Security researchers have uncovered highly sophisticated malware that is linked to a secret National Security Agency hacking operation exposed by The Intercept last year.
https://theintercept.com/2015/02/17/nsa-kaspersky-equation-group-malware/
Astonishing, yet I do not believe a single word from NSA