back to article FBI boss: We went to the Moon, so why can't we have crypto backdoors? – and more this week

There has been a bumper crop of security news this week, including another shipping giant getting taken down by ransomware, Russian hackers apparently completely pwning US power grids and a sane request from Senator Wyden (D-OR) for the US government to dump Flash. But there has been other news bubbling under. Useless action …

Page:

  1. Jens Goerke

    Eggs out of pancakes

    So he demands to be able to get the eggs back out of the pancakes.

    1. Alan Hope

      Re: Eggs out of pancakes

      Perfectly possible. You just feed the pancakes to a hen and a cow, they will process them for you and return your eggs and milk.

      1. Rich 11

        Re: Eggs out of pancakes

        You just feed the pancakes to a hen and a cow, they will process them for you and return your eggs and milk.

        Eggsellent idea.

        If you add pancakes to your compost heap you can also use them to fertilise sugar beet and lemon trees.

        Cor, this is an even better whiz than extracting sunlight from cucumbers!

        1. BebopWeBop
          Joke

          Re: Eggs out of pancakes

          You may also feed cows cocoa and sugar to get natural chocolate milk

          1. herman

            Re: Eggs out of pancakes

            Eh? Didn't your mommy teach you that white cows make white milk and brown cows make brown milk?

            1. onefang

              Re: Eggs out of pancakes

              "Didn't your mommy teach you that white cows make white milk and brown cows make brown milk?"

              And you get milk shakes out of cows that have been bouncing on a trampoline all day. Just don't ask where yoghurt cums from.

      2. This post has been deleted by its author

        1. Guus Leeuw

          Re: Eggs out of pancakes

          Dear Symon,

          How dare you compare pancakes to kitchen scraps!

          Best regards,

          Guus

    2. Christian Berger

      Considering the insane budgets...

      ... that secret services an Bubble 2.0 companies have, he can be forgiven for believing that that's feasible. After all that's probably at least in the same order of magnitude than the Apollo program.

    3. Lee D Silver badge

      Re: Eggs out of pancakes

      The analogy is really simple.

      He wants a single skeleton key that opens every door in the land.

      Would you *give* someone a master key to your house? Would you give the police a copy of your keys? Whether or not they "only" use them when authorised to do so, and though you could justify it as "it saves police time as they'll be able to get into places when they have a search warrant without needing the owner's co-operation", it's a really, really bad idea. Because such a key's existence totally compromises everyone's security (as it will also open all the big City banks, etc.), access to that key can't be controlled if so many organisations require it, and the criminals only need see that key once to open EVERYONE'S home.

      It's a really, really, really dumb idea.

      Now... there might well be a way to implement it. There are a number of encryption schemes built around combinations of access keys, where you only need to hold a certain number of them to open the encryption while ordinary users still have encryption/decryption keys as normal and can't open other's messages. But their very existence is a huge chasm of potential compromise.

      And exactly those people who you NEED to decrypt their communications won't ever use such a system for anything they don't want the FBI etc. to know. It's just that simple. It's like giving everyone a safe that the government can always open and then expecting criminals to put all their ill-gotten gains and bank vault plans into it. It's ridiculous.

      Organisations need to accept that encryption is a double-edged sword, and a feature that you can't uninvent - you would be much better off putting all your resources into old fashioned policing and spying than trying to ensure that the criminals haven't used an encryption that's impossible to break. After all - at some point they have to decrypt those things, and that's your avenue, not mass surveillance and breaking into every machine on the planet and filtering out everyone's Facebook posts.

      Literally, the signal-to-noise of what they want plummets the second that you capture ordinary people in the loop, so they're not helping anyone. This was always my argument against the "acres of datacentres" tripe. Maybe they do have those. But, guess what? All that does it make it even harder to spot what you were after compared to just tailing the guy you're interested in and putting a bug on his computer. At great expense.

      Encryption is like "deception". It's a natural part of life now. And you can't just demand that criminals "never deceive you" or that you should be given the ability to always tell when they are being deceptive. We all are carrying devices that can run open-code that provides military-grade encryption written by people who are nothing to do with the US government, capable of encrypting hundreds of megabytes of data a second without even flinching, to the point that the encryption is irreversible within the age of the universe with current technology. Give it up. Sure, you USED to be able to not have to deal with that. Now you can't.

      If the PGP / Zimmerman suit had prevailed, you might have had some control. But any mathematician with a numerical recipes book, any decent coder, anybody with a copy of Maple or Matlab or similar can give you a maths puzzle that you can never reasonably solve without having to do more than include a library or run a function. And every member of the public has a device in their pocket that's encrypting hundreds of connections an hour.

      There is no backdoor that you can reasonably use.

      1. Avatar of They
        Happy

        Re: Eggs out of pancakes

        Careful. The TSA have a master key that has to be able to open any locked luggage that enters the US. So they sell locks that are TSA approved, meaning the lock will fit the master key. (I assume if not they break the locks)

        I read an article that actually said "Don't worry, only TSA approved staff have access to the key." :)

        So America wants a skeleton key because they already have one for physical luggage.

        1. Gio Ciampa

          Re: Eggs out of pancakes

          "Don't worry, only TSA approved staff have access to the key."

          ...or anyone who read the Washington Post article that one time - and "forgot" to remove the picture of them...

          https://en.wikipedia.org/wiki/Transportation_Security_Administration#Checked_baggage

        2. JohnFen

          Re: Eggs out of pancakes

          Yeah, that TSA luggage nonsense is the primary reason why I don't take luggage on flights.

      2. Kabukiwookie

        Re: Eggs out of pancakes

        Literally, the signal-to-noise of what they want plummets the second that you capture ordinary people in the loop

        That presumes that the real reason is an attempt to capture the 'bad guys'. Problem with that again is thay the definition of 'bad guys'is constantly shifting.

  2. Pen-y-gors

    Man on the sun

    'if we can put a man on the moon, surely we can put a man on the sun,'

    Actually, that's not a great analogy for back-door encryption. It's not physically impossible to put someone 'on' the sun, just insanely difficult. It is not mathematically possible to have encryption back-doors without undermining the whole encryption system.

    1. Justin Clift

      Re: Man on the sun

      > 'if we can put a man on the moon, surely we can put a man on the sun,'

      Whichever volunteer gets chosen for that will be a star... err... for the rest of their life. :)

      1. Paul Herber Silver badge

        Re: Man on the sun

        Where is Mr Neutron?

        1. hplasm
          Mushroom

          Re: Man on the sun

          "Where is Mr Neutron?"

          Where is Doctor Solar- Man of The Atom?

      2. Tigra 07
        Thumb Up

        Re: Man on the sun

        "if we can put a man on the moon, surely we can put a man on the sun"

        And as the great Ali G himself said: "We send them at night when the sun is cold."

        1. Anonymous Coward
          Anonymous Coward

          Re: Man on the sun

          Oh you jest but when I showed my mate a picture I took of mercury transiting the sun the other year, his first question was "is that the moon"? When I explained it was the sun with its closest body passing across it, question 2 was "Did you take the picture at night"?

          Shoot me now.

        2. BongoJoe
          Windows

          Re: Man on the sun

          And as the great Ali G himself said: "We send them at night when the sun is cold."

          Ah, not a towards the great Dave Allen. Pah! Youngsters today, etc..

    2. Charles 9

      Re: Man on the sun

      Why not just counter with Turing's Halting Problem disproof? If one cannot accept formal proof of an impossibility, one doesn't believe in math, meaning one's not in touch with reality and should be dismissed.

      1. Daniel 18

        Re: Man on the sun

        I suspect that most people who could understand the math around the halting problem could understand the math about crypto back doors.

        It did take a year or two of university math to prepare to prove the relevant theorems. How many government funtionaries or politicians will have that? (which hints at a wider and deeper problem)

      2. Nick Kew
        Boffin

        Re: Man on the sun

        Why not just counter with Turing's Halting Problem disproof?

        All you need is a super-Turing computer. Like, for instance, an Analogue X Machine.

        Turning your intended analogy on its head, I guess politicians and spooks can dream of an entirely new crypto framework. Then un-inventing our existing framework can be the next thing after brexit to keep them away from reality.

        1. John H Woods Silver badge

          Re: Man on the sun

          If we can put a man on the moon, surely we can calculate the exact value of π

          1. This post has been deleted by its author

            1. Kevin Johnston

              Re: Man on the sun

              "Contrary to popular belief and what most mathematicians will tell you, all of the digits in the decimal expansion of π are known! They are: 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. It is the order that they appear that is not known."

              Aha.....

              The Eric Morcambe reposte

            2. Michael Wojcik Silver badge

              Re: Man on the sun

              "Contrary to popular belief and what most mathematicians will tell you, all of the digits in the decimal expansion of π are known! They are: 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. It is the order that they appear that is not known."

              Hell, it's even easier if you use the pinary representation: 1π

          2. This post has been deleted by its author

          3. onefang
            Boffin

            Re: Man on the sun

            "If we can put a man on the moon, surely we can calculate the exact value of π"

            Just move to one of those places where politicians declared that the legal value of π was 3, or something almost as exact. If I recall correctly, there's some USA states amongst them.

          4. Michael Wojcik Silver badge

            Re: Man on the sun

            If we can put a man on the moon, surely we can calculate the exact value of π

            I can. Send me a USB drive with infinite space, and I'll send you the answer shortly after infinite time has passed.

        2. Michael Wojcik Silver badge

          Re: Man on the sun

          All you need is a super-Turing computer. Like, for instance, an Analogue X Machine.

          Hypercomputing machines aren't counterexamples to the Halting Problem proof, since the proof only establishes that the HP is not computable (or, if you prefer, "effectively computable").

          You could just as well state that the HP can be solved by a magical all-knowing oracle. It's not an interesting claim. (That's not to say there's no value in hypercomputing research,1 just that "hey, a hypercomputing machine could solve the HP!" isn't in itself a productive observation.)

          The same applies to "secure" cryptographic backdoors. We can imagine various non-realizable systems for achieving them, but as we're unable to construct any of them, that doesn't support Wray's thesis.

          (Technically, of course, there are uncertain2 - possibly-correct - hypercomputing designs which can be realized. That doesn't help with the HP, though, and I don't see it helping with crypto backdoors; we already have classical protocols for converging on the correct output of a decryption function.)

          1Though certainly some people have argued there isn't.

          2And nothing is certain anyway, if you're logical. Doxastic logic shows that any reasoner of sufficient power can never believe in its own consistency, without thereby becoming inconsistent.

      3. Anonymous Coward
        Anonymous Coward

        Re: Man on the sun

        > Why not just counter with Turing's Halting Problem disproof? If one cannot accept formal proof of an impossibility, one doesn't believe in math, meaning one's not in touch with reality and should be dismissed.

        @ Charles9: your logic is impeccable but wasted: there are plenty of politicians whose preference for God over evolution is a positive advantage to being elected, so a preference for wishful thinking over mathematics will barely register.

      4. Michael Wojcik Silver badge

        Re: Man on the sun

        Why not just counter with Turing's Halting Problem disproof?

        (I take issue with the word "disproof", but whatever. I'm also not certain that the HP is isomorphic to "secure" cryptographic backdoors, but again that's peripheral to the main question.)

        Because the whole problem is that Wray, and others like him, either 1) know that it can't be done securely but don't care, or 2) are determined to remain ignorant.

        They use facile analogies like man-on-the-moon to sway public opinion and influence others who don't understand the technical issues.

        Countering that with technical arguments is rhetorically pointless. People who understand the math are either on the side of the angels, or mendacious. People who don't have no reason to find the argument persuasive, because they don't understand it.

    3. Anonymous Coward
      Anonymous Coward

      Re: Man on the sun

      Maybe he meant the Sun has no solid surface so you can't really put a man of the Sun, even if you can survive the heat and radiations, and be able to decelerate enough in such gravity well. It's not a matter of technological innovations.

      Anyway, to get to the Moon US needed a not so small number of 'available' German scientists and engineers... instead of dreaming about backdoors, it would be smarter to stop to piss off long time allies and collaborate efficiently in fighting crime.

      1. John Smith 19 Gold badge
        Unhappy

        even if you can survive the heat and radiations, and be able to decelerate enough in such g

        The "surface" gravity of the Sun is about 27 Earth g's.

        And of course there is no actual "surface" to land on.

        But idiot politicians will hike you their diapers and stream at the top of their lungs "We want you to land on the Sun" anyway.

        1. scrubber

          Re: even if you can survive the heat and radiations, and be able to decelerate enough in such g

          "The "surface" gravity of the Sun is about 27 Earth g's."

          Well that's a crushing disappointment.

        2. herman

          Re: even if you can survive the heat and radiations, and be able to decelerate enough in such g

          The sun indeed does have a very solid surface. See this very nice astronomy web site: http://thesurfaceofthesun.com/

      2. herman

        Re: Man on the sun

        Err... the sun does have a very solid surface. See this, it is a very nice astronomy web site: http://thesurfaceofthesun.com/

    4. JeffyPoooh
      Pint

      Re: Man on the sun

      Dr. Parker is headed there shortly.

      649kw per square meter.

      Will hit 200 km per second.

      Just one thing, he's a solar probe.

    5. Ken Moorhouse Silver badge

      Re: Man on the sun

      Not sure what the journey time to the sun would be (judging by the queues to use the Channel Tunnel at present, due to a few temperature problems, probably infinite), google says 19 years. By that time any encrypted messages should easily have been cracked, so he just needs to be patient.

    6. kain preacher

      Re: Man on the sun

      Actually you can't get near the sun with today tech.

      1. jmch Silver badge
        Flame

        Re: Man on the sun

        No, but I'm pretty sure we can shoot a man INTO the sun with today's tech. Maybe the FBI director can volunteer for the honour?

      2. Anonymous Coward
        Anonymous Coward

        Re: Man on the sun

        " Re: Man on the sun

        "if we can put a man on the moon, surely we can put a man on the sun"

        And as the great Ali G himself said: "We send them at night when the sun is cold."

        Well Mercury managed it, billions of years ago and its just a lump of rock!

    7. Anonymous Coward
      Anonymous Coward

      Re: Man on the sun

      "It's not physically impossible to put someone 'on' the sun, just insanely difficult."

      Without some form of force-field, it actually is impossible to put someone 'on' the Sun.

      The temperature of Sol's photosphere is ~5700K but the most refractive metal, Tungsten, melts at just 3695K. But even if you could find a usable compound that could maintain its integrity as a vessel at those temperatures then without a cooling system everything inside it would also soon reach the same temperature. That cooling system would have to remove the heat from inside the vessel to somewhere cooler, which would mean far away from the Sun - think heat-pipes that are tens of thousands of miles long. Trouble is, not only would the cooling system need to be able to transport heat energy away from the vessel but it would also need to be able to keep itself cool enough to maintain its own integrity.

      Then there's the issue of radiating heat away in space...

      1. Anonymous Coward
        Anonymous Coward

        Re: Man on the sun

        "Then there's the issue of radiating heat away in space..."

        The sun manages it. How hard can it be? :-)

      2. Someone Else Silver badge
        Coat

        @LeeE -- Re: Man on the sun

        The temperature of Sol's photosphere is ~5700K but the most refractive metal, Tungsten, melts at just 3695K.

        Just two words: Transparent Aluminum. (Maybe with some sunblock in it?)

        1. bombastic bob Silver badge
          Meh

          Re: @LeeE -- Man on the sun

          RE: Tungsten melting point, temperature on the sun's surface

          Well in theory as the metal vaporizes, it absorbs latent heat of fusion from whatever material it's attached to (and/or being heated by) - think of the heat shiield on the Apollo spacecraft as it was coming back to earth.

          But other materials would make a better heat shield. And they would be consumed, rapidly. So there's an obvious time limit involved.

          So it's possible, but not practical.

          That of course is a complete distraction to the original point, the absolutely STUPID comparison of 'man on the moon' to 'back-doorable encryption'. How about this Mr. FBI dumb-dumb: FREEDOM. PRIVACY. SELF-RELIANT SECURITY. SELF-DEFENSE. yeah you don't want THOSE either, do you?

          1. Tigra 07

            Re: Bob

            So...We need the X-men?

        2. herman

          Re: @LeeE -- Man on the sun

          Transparent Aluminium exists actually. It is maybe better known as saphire or ruby.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like