Counting things that have unique IDs
Oh my, that's so very difficult. So very difficult indeed.
Perhaps we have found the cryptography "expert" the FBI used?
The FBI apparently gilded the lily in its long campaign against consumer cryptography, telling the world it held more locked phones than it did. At issue is the Feds' claim that it has seized 7,000 phones it can't crack because they're encrypted. FBI boss Christopher Wray upped the ante in December 2017, telling a …
... that (so far as I'm aware) no one has been identified as the advisers who told FBI (and presumably also various idiot politicians on both sides of the Atlantic) that "good guys only" backdoors were feasible?
Now of course you can understand why anyone wanting to keep a good name in this business might not want to admit they've been talking rubbish. Guys like Schneier will forensically dissect them and then stack the heads in the Hall of Infamy.
But surely to heaven, if you're a US TLA wanting advice on crypto, the very first place to ask would be NSA? And whatever political BS that institution may sometimes feel it has to spout, it certainly has experts who will tell the Feds that GGOB just cannot be done. Hell, NSA more or less proved it for themselves over a decade ago.
What I'm saying is that neither law enforcement, intel nor politicians have any excuse not to be getting the very best advice there is. It simply makes no sense that even five years ago, Comey in the US (then FBI chief) and Theresa May (as HomeSec) in the UK were blethering about wanting GGOB—even if May is as ignorant as she appears, there are folks at GCHQ who could have had a timely, quiet word: "What you're asking is plain impossible."
I have to wonder whether the fundamental problem is one of politics: we know that US and UK politicians are largely ignorant and dishonest, and maybe they choose to get advice only from people who tell them what they want to hear. Perhaps if you pipe up and say "Actually, Minister, that isn't strictly correct—" you get shown the door.
Given that senior agency posts also tend to involve a lot of politics, perhaps that is why the FBI also repeats this shyte.
Politics these days seems about as far from intellectual honesty as it's possible to get.
"What you're asking is plain impossible."
If you tell them it's impossible, you don't get funds to try to make it work. And if you tell them that it's really, really hard then you get even more funds.
These people have mortgages to pay and empires to build too, you know?
"Is there a peer reviewed paper out there that proves safe back doors are impossible?"
Considering that on the subject of encryption backdoors, our Prime Minister was widely reported as saying that Australian laws overrule the laws of maths, I don't think any such paper would make the slightest bit of difference. Not to mention various governments have tried to legislate a simpler value for Pi.
"we know that US and UK politicians are largely ignorant and dishonest, and maybe they choose to get advice only from people who tell them what they want to hear."
What makes you think that this only applies to the UK and US? I thought this was a universal requirement for politicians...
Building a legal backdoor that is open only to law enforcement is very, very, very hard and will require substantive efforts to be made. It has to meet regulatory regulations [sic] in multiple jurisdictions across the globe. For a complete solution, we expect design, development, testing, and release to cost $500 000 (FIVE HUNDRED MILLION US DOLLARS) and take 2 years to deliver.
Please provide us with $20 000 (TWENTY THOUSAND US DOLLARS) and our attached NDA, signed, in exchange of which we will provide you with a regulation-complying quote, including a cut-down of expenses and expected time-frame of delivery.
Lagos Dev Club
Senator Peter Lawless
153, Lagos way
PS: the person and address data mentioned herein is fictitious, for those who cannot parse the joke icon.
"How exactly does counting between 1000-2000 items three times give you 7800?"
First count, 2000, second count 2000, third count 2000. 2000+2000+2000 = 6000. You are right, they must have counted them four times.
We can't decrypt 7800 phones, would you believe it? No? Hmmm, would you believe 1000 to 2000? How about two cans and a lengthy bit of very tangled string? OK already, I still haven't figured out how to use my shoe phone.
Aside from being a vague "blame it on the computer", it fails on basic arithmetic.
Blame this on the computer, blame other things on "not the computer" and I'll add "computers never make mistakes"... I wonder which argument they really believe*?
*The probable answer is: "The one that gets us what today, tomorrow's "want" will be a different reason.
Forget trusting them with an audit...if they can't figure out how their counting function works, how can they figure out they've got the right device, or tied the data to the right "suspect"? Seems like these experts should not be allowed anywhere near "evidence" found through software.
This is how it goes nowadays. "Sources" make an unsubstantiated claim, and then everyone else in .gov and media ignore the demand for evidence and instead focus on driving opposing factions to argue over the minutiae and whether or not it fits their political desires. Before you know it, months have gone by and people are arguing about how we should respond politically to something that no one has even demonstrated to have happened.
Misstating things like this to the FBI - even accidentally - can get you thrown in prison. To achieve even a modicum of fairness and proportionality, every single person at the FBI responsible for producing and promulgating this number should be convicted and thrown in front of a firing squad. Of course, the FBI doesn't give a flying fuck about fairness, proportionality, justice, or the US Constitution. They do care about things like anybody other than them meddling in US elections.
1. Political pronouncements based on FUD not fact
2. A Government entity is requesting something mathematically impossible (see #1)
3. A Government entity that's requesting something mathematically impossible would stoop to lying (see #1)
4. A Government entity can't count
5. A Government entity doesn't have a system good enough to be able to find the number of encrypted devices involved in their open cases.
Maybe, before asking for impossible things, they should have systems that provide accurate info. But then, maybe, that's also an impossible thing.
Even 7800 is insignificant:
"The Federal Bureau of Prisons (BOP) had jurisdiction over 196,500 prisoners at yearend 2015."
So going off the number of KNOWN CONVICTED federal criminals, the feds are only having trouble with access to evidence for 3% of cases. In reality, the number has to be even more insignificant as you begin to count those who have not been charged, local and state cases that use FBI labs, etc. I'm sure someone who truly groks stats could really blow their argument out of the water.