The FBI used to recommend encryption. Now they want to ban it

FBI Director James Comey doesnt want you to encrypt your phone...for your own safety, of course. Photograph: Susan Walsh/AP

The FBI wants to make us all less safe. At least thats the implication from FBI director Jim Comeys push to ban unbreakable encryption and deliberately weaken everyones security. And its past time that the White House makes its position clear once and for all.

Comey was back before Congress this week - this time in front of the House Appropriations Committee - imploring Congressmen to pass a law that would force tech companies to create a backdoor in any phone or communications tool that uses encryption.

He also revealed the Obama administration may be crafting such a law right now. One of the things that the administration is working on right now is what would a legislative response look like that would allow us with court process to get access to that evidence, he said.

The whole controversy stems from Apples decision to encrypt iPhones by default - so that only the user can unlock a phone with a pin or password and even Apple itself does not have the key. It was a huge step forward for security, and given that the US government considers cybersecurity attacks a more dire threat than terrorism, youd think theyd be encouraging everyone to use more encryption. But Comey essentially argued to Congress that because encryption sometimes makes FBI investigations harder, it should be outlawed.

The idea that all of a sudden the FBI is going dark and wont be able to investigate criminals anymore thanks to a tiny improvement of cell phone security is patently absurd. Even if the phone itself is protected by a passphrase that encrypts the device, the FBI can still go to telecom companies to get all the phone metadata they want. They can also still track anyone they choose by getting a cell phones location information 24 hours a day, and of course they can still wiretap the calls themselves. Lets not forget that with a four digit passcode - like iPhones come with by default - can easily broken into by the FBI without anyones help anyways. So a vast majority of this debate is already moot.

Beyond a few vague hypotheticals, Comey wouldnt give any specific examples at the hearing about where this has tripped up the FBI before, but the last time the FBI did, what they said was immediately debunked as nonsense.

If you want to understand why encryption is important for protecting your data, look no further than the FBIs own website. Well, at least you could until last week. For years, the FBI recommended people enable encryption on their phone to protect themselves against criminals, but at some point prior to Comeys testimony, the FBI scrubbed that information from public view. (On 27 March the FBI told the National Journal that the security tips were not intentionally deleted, but were because of the agencys ongoing website redesign.)

In other words, as security expert Jonathan Zdziarski remarked, the FBI has weakened their recommended standards [and] best practices to intentionally leave you vulnerable to security breaches. Computer science professor Matt Blaze put it another way: Basically, the FBI is saying that they think youre more likely to commit a crime than need to protect yourself against crime.

The only thing worse than Comeys position was the know-nothing members of the Appropriations Committee, who at various times were fawning all over Comeys proposal and displaying zero knowledge about basic technological precepts. The video of the back-and-forth is cringe worthy.

Follow this link:
The FBI used to recommend encryption. Now they want to ban it