One US senator is calling out the director of the Federal Bureau of Investigation for pushing the moronic notion that there is somehow a good way to add backdoors to encryption used to protect devices like Apple’s iPhone.
In a speech earlier this month, FBI Director Christopher Wray carried on the time-honored agency tradition of claiming that Silicon Valley can backdoor encryption safely if its workforce just nerds a little bit harder. The argument, made by Wray and other officials before him, is that the tech industry’s best and brightest are just being recalcitrant and could offer up a golden key for law enforcement to access encrypted communications if they really wanted to. After all, these are the people that created self-driving cars, the thinking goes. Why can’t they break encryption in a good way while they’re at it?
The problem, according to Wray, is that law enforcement is stymied by phone encryption, which is now widespread. During his January 9th speech at the International Conference on Cyber Security in New York, Wray called the prevalence of encryption an “urgent public safety issue” and said it had prevented law enforcement from accessing some 7,800 devices in the last fiscal year. Tech companies, Wray said, “should be able to design devices that both provide data security and permit lawful access with a court order.”
But this is exactly what cryptographers and tech companies have repeatedly warned they can’t do, arguing that creating “lawful access” would also open the door to all sorts of hackers and malicious actors, undermining the security of the entire internet in the process.
Wray’s speech undoubtedly spurred frustration in Silicon Valley, and it appears he pissed off Sen. Ron Wyden as well. During Wray’s confirmation process last summer, Wyden pressed him on the topic of encryption. Wray claimed he hadn’t formed a policy position on the issue, and Wyden requested that Wray consult with him before going public with his position. That apparently didn’t happen.
In a letter sent to Wray today, Wyden chastised him for advocating “a flawed policy that would harm American security, liberty, and our economy” and for not contacting Wyden prior to giving his speech.
Wyden ripped into Wray’s speech:
Your stated position parrots the same debunked arguments espoused by your predecessors, all of whom ignored the widespread and vocal consensus of cryptographers. For years, these experts have repeatedly stated that what you are asking for is not, in fact, possible. Building secure software is extremely difficult, and vulnerabilities are often introduced inadvertently in the design process. Eliminating these vulnerabilities is a mammoth task, and experts are unified in their opinion that introducing deliberate vulnerabilities would likely create catastrophic unintended consequences that could debilitate software functionality and security entirely.
The Democratic senator also demanded that Wray release a list of the cryptographers he’d met with to form his opinions on encryption, specifically identifying which experts advised backdooring encryption:
I would like to learn more about how you arrived at and justify this ill-informed policy proposal. Please provide me with a list of the cryptographers with whom you’ve personally discussed this topic since our July 2017 meeting and specifically identify those experts who advised you that companies can feasibly design government access features into their products without weakening cybersecurity. Please provide this information by February 23, 2018.
We’re guessing it’s a short list.