* Posts by tom dial

2187 publicly visible posts • joined 16 Jan 2011

South Korea faces $1bn bill after hackers raid national ID database

tom dial Silver badge

Re: British Database

The SSN, for practical purposes, is a national ID in the US. Despite the fact that its use as a primary account identifier has been illegal for nearly 40 years, it still is used extensively within the government and probably in the private sector as well, and retained an a good many files and databases where it has no legitimate purpose.

In addition to SSN use in filing fraudulent federal income tax returns over the last several years, availability in the last year or so of a national Social Security self-service web site has occasioned fraudulent rerouting of SS payments. There almost certainly are other cases.

Knives out for new EU rules forcing govts to reveal hacker attacks

tom dial Silver badge

Re: reporting cyber incidents would not incur any additional costs

And before the audit you will have to complete about an inch of vulnerability self assessment checklists for each system, for each year (or inch-equivalent - somewhere between 500 and 1000 questions). The questions will, of course, change from year to year, dampening excessive cloning. This manual effort will supplement the required vulnerability scans, further burdening employees who might otherwise be spending time patching and fixing the vulnerabilities, or requiring hire of additional employees or contractors.

World govts elect Swiss big cheese as their new ICANN point man

tom dial Silver badge

I almost stopped reading after the words "civil servant" in the first line. Out of a probably misplaced sense of duty or something like that I read the rest; it did not change my mind.

Nothing good seems at all likely to come out of this.

Commerce Secretary feeds digital catnip to NET NERDS

tom dial Silver badge

Re: Multi-Stakeholder model.....

Correct, but I would put it a bit differently: there are too many people who want to have control for it ever go anywhere. No good can come of it.

The seemingly obligatory reference to NSA shenanigans is a misdirection. They were not helped by present naming/numbering allocation procedures and will not be hurt by changing them. They (and all other SIGINT agencies) operate largely at a lower level and will use whatever addressing and routing information is available.

NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)

tom dial Silver badge

Re: mmm...

Complete rewrite? Rubbish. Nobody who ever wrote programs for a living believed that for a second.

Microsoft might not be the nicest company to deal with, but they are not so stupid as to discard their own debugged code in favor of rewriting the functions from scratch.

NSA Sentry Eagle placed spies in private companies

tom dial Silver badge

Re: Indicative?

The unfortunate thing is that Snowden or not, nearly all of this leaked out.

Fixed.

Greedy datagrabs, crap security will KILL the Internet of Thingies

tom dial Silver badge

Yes. There is a place, perhaps, for a network of things inside my house. There is very little to be said for connecting that network to any that is accessible from the Internet. In over six decades of inability to control things inside my house remotely I have suffered only very minor and occasional inconvenience. The notion of connecting everything I might want to control to the Internet, even through a VLAN, gives me a righteous case of the queasies.

To Russia With Love: Snowden's pole-dancer girlfriend is living with him in Moscow

tom dial Silver badge

Upvoted, with reservations. Although Greenwald, Poitras, and others appear to have redacted names, and most of the illegally released material describes information that has been known for years in general, and in some cases with a fair degree of detail, the material also contains quite a few additional details that may not have been known. It may enable information assurance and counterintelligence personnel to detect vulnerabilities and targets, and concurrently to identify individuals who provided assistance, that would have been impossible or much more difficult without the release. Vulnerability and target identification result only or primarily in loss of sources and compromise of methods, but identification of agents that might result from related investigations could lead to their imprisonment or worse. And of course we don't know from what has been published that more, including names of people who are now vulnerable, has not been made available privately.

As for "gross misjudgment, incompetence, greed and base motives," it is not entirely clear that the released material show it extending much beyond the outsourcing of background investigations. A considerable part of the material describes the details and mostly successful operation of internal and judicial controls aimed at protecting US citizens from unwarranted government action, and the major, if not only, release of privacy impacting information about anyone has been as part of the "revelations": the NSA collected, processed, and retained email message contents under FISA rules; Snowden removed it from their control, and those to whom he provided access made it public.

tom dial Silver badge

I have to say that having read the Maass and Poitras article, and the documents that accompany it, I am pretty underwhelmed by the depth and scope of the new revelations. Most of it seems to have been known generally by 2012, and all or nearly all the rest came out by the end of 2013.

tom dial Silver badge

The girl friend probably is not implicated, and likely can travel freely on a US passport, subject to funds availability, with no more hassle than, say, Glen Greenwald.

Women in tech: Not asking for raises is your 'superpower' – Nadella. *chirp*...*chirp*

tom dial Silver badge

By no means a Microsoft fan, but ...

Is there any evidence at all that Microsoft or any or the other major technology companies pays female employees less than male employees for the same work when account is taken of work quality, experience, skill level, and the like?

Same question for hiring: is there evidence that Microsoft or similar companies discriminate in hiring against women with essentially equivalent education and experience, or hire them at lower salaries or for jobs with lower overall advancement potential?

The often repeated statement that women are paid ~78% of what men are paid presents a single number as a claimed representation of an enormous range of job classifications, personal choices, life experience, education, and work experience.

Crims zapped mobes, slabs we collared for evidence, wail cops

tom dial Silver badge

Have they not heard of Faraday bags?

Many available from Amazon.com and quite a few others, $20 or so.

Alternative, aluminum foil, $.05 or so.

Hey, non-US websites – FBI don't have to show you any stinkin' warrant

tom dial Silver badge

Re: illegal abroad surely

"If this precedent stands then the other members of the 5-eyes can hack into US based computers and turn the results over to the NSA ...".

I do not think this is correct. It may mean it is legal under UK law to penetrate US systems without a UK warrant and present the results as evidence in a UK court (and similarly for Australia, Canada, and New Zealand). Then again, depending on treaty arrangements, it might not be legal. My guess is that in all of the 24 possible pairs of Five Eyes governments there are treaties in effect that would make such evidence gathering unlawful and the evidence collected inadmissible. That might or might not be true for the US and Iceland. Presumably Ulbrucht's attorneys are competent enough to have brought any such information to the attention of the judge who will be deciding the issue.

tom dial Silver badge

Re: Lazy Lunacy

There is no reason to suppose that evidence gathered with a warrant is either more or less reliable than that gathered without one. Whether or not the evidence is "dodgy" depends much more on showing that it was handled in a way that ensures against alteration by the offeror, whether prosecution or defense. Ultimately, under US (and, I think also UK) law, the jury determines that, and whether the evidence is relevant, and whether it supports a finding of "guilty" or "not guilty".

The present issue is whether the evidence was collected in a way that allows it to be brought to a trial and offered to a jury, along with testimony, elicited in direct and cross examination, about it.

tom dial Silver badge

Re: Lazy Lunacy

No, it is as I said. The FBI claims a warrant was not required and the evidence should be admitted; Ulbrucht claims the opposite. The judge will decide whether which is the case. The loser might appeal, but the decision eventually will be final one way or the other.

Whether to extradite the FBI or other US government personnel involved in collecting the evidence at issue depends on a number of details:

- whether Iceland officials find that a crime has been committed under Iceland law;

- whether there is an extradition treaty between Iceland and the US;

- if the answer to the first two is "yes", whether the Iceland government seeks extradition;

- if the answer to the first three is "yes", whether the US grants the request.

tom dial Silver badge

Re: It's not 4th Amendment, it's Article I, section 8!

Article I, Section 8, Paragraph 11 grants the Congress has the power "To declare War, grant Letters of Marque and Reprisal, and make Rules concerning Captures on Land and Water".

To call subverting a privately owned server located in Iceland "attacking the infrastructure" and therefore an act of war seems quite a stretch. However, what the FBI is claimed to have done seems likely to fall into the "Captures on Land and Water" box, where the Constitution explicitly grants the power to the Congress. There might even be US law to cover what they did.

tom dial Silver badge

Re: I just have to say...

Gary McKinnon violated US law by accessing government operated equipment. The US Government requested that he be extradited to stand trial in a US court, and the UK government, after a great deal of deliberation declined to do that. And the case is largely closed, although I would not recommend that Mr. McKinnon plan to vacation in the US.

The corresponding scenario in the present case would be for the government of Iceland, if they believe Iceland law to have been violated, to request that the accused FBI personnel be extradited to stand trial in their courts. I do not know whether there is an extradition treaty in effect between Iceland and the US, or whether a request, if made under such a treaty, would be honored or declined as the UK did in the McKinnon case.

In any event, the FBI is claiming only that they violated no US law and did not require a search warrant from a US court. We have yet to see what the judge will have to say about that and the defense argument to the contrary.

tom dial Silver badge

Re: So the FBI's position is that it is legal for governments to hack US servers?

Carrying a gun in the UK might be illegal under UK law but not under US law. UK law certainly would apply, and the US consul, in such a case probably would provide little or no assistance. But the act probably would not violate US laws. Similarly, the FBI might have violated the laws of Iceland but not those of the US.

tom dial Silver badge

A US court's warrant would be valid outside the US only to the extent provided by treaty.

It would be quite interesting to have a comment on this episode from an Icelandic attorney.

tom dial Silver badge

Re: So the FBI's position is that it is legal for governments to hack US servers?

This logic is quite incorrect. The FBI apparently takes the position that their search of a foreign server did not require a warrant because it was located outside the US. The logically comparable assertion would be that the national police agency in China (or Russia, Israel, France, or Iran) takes the position that searching servers in the US or other foreign countries is consistent with their laws. Such an assertion might well be correct. The FBI certainly would not agree to that.

Whether conducting searches outside the US complies with US law or requires a warrant depends on treaty provisions which, once a treaty is ratified by the Senate, have the force of law in the US. It is possible, for instance, that it is unlawful in Iceland to act as the FBI appears to have done, yet not unlawful in the US because there is no treaty provision that makes it so, and Constitutional protections generally apply to those under US jurisdiction - citizens anywhere and legal US residents in the US.

tom dial Silver badge

Re: So by their 'logical' extension

"Iran or North Korea can hack into US servers ..."

That probably would violate the Computer Fraud and Abuse Act, just as what the FBI is alleged to have done may violate the law in Iceland. It does not appear that the FBI has claimed compliance with the law anywhere but in the US. The symmetric case would be for the government of Iran or North Korea to take the position that hacking computers in the US (whether government or not) does not violate their laws. And they might be entirely correct in making such a statement.

tom dial Silver badge

Re: Lazy Lunacy

The fact that evidence was gathered with help of a warrant, or without it, says nothing at all about it's credibility in a court proceeding. Credibility of evidence and testimony are entirely matters for the jury to decide. Lack of a warrant for evidence obtained in a search may, but will not always, cause it to be excluded from the jury's consideration. In practice, a great deal of the evidence in criminal cases is collected without a warrant - evidence colected at a crime scene, for instance, or in a personal searche incident to an arrest.

The question before this court, at the present time, is whether particular evidence collected from a foreign server will be admissible in a still hypothetical future trial.

tom dial Silver badge

Re: Who had control of the server?

Pretrial motions are not the place to raise questions of reasonable doubt. All the government has to establish at that point is that there is, indeed, probable cause to think the crime in the indictment or charge was committed by the defendant, and that the evidence to be offered is admissible. If the matter goes to trial, the jury will determine the outcome based on the evidence, considering any alternatives offered by the defense that raise reasonable doubt about guilt.

tom dial Silver badge

Re: So why bother to send a letter of request to a foreign country...

US law includes provisions of treaties made by the President with the advice and consent of the Senate (2/3 of the Senators must concur). If there is a treaty with Iceland that covers this, the FBI would be required to follow it, and failure to do so could damage or destroy the admissibility of any evidence they gathered.

tom dial Silver badge

Re: A good judge would...

No. A good (US) judge would decide the issue on the basis of US law and relevant Senate-affirmed treaties. That might or might not result in criminal charges in the US.

A good defense lawyer might seek to involve the government of Iceland. The government of Iceland might agree their laws were violated and and issue international warrants. Depending on treaty provisions, they might or might not be enforceable in the US.

tom dial Silver badge

Re: illegal abroad surely

Yes. But more significantly for the case at hand, they are claiming that their actions are consistent with US law. Whether it is or not will be determined by a US court, taking into account any treaties that the Senate has ratified that govern the specifics. Contrary to the claim, there is nothing especially odd about this; settling issues like this is what lawyers do occupationally as a matter of normal practice.

tom dial Silver badge

Re: So why bother to send a letter of request to a foreign country...

"I wonder how the US would react if a foreign national criminal investigation bureau hacked a hosting business in the US" would not seem to be the comparable question.

The relevant question would be how a non-US court in, say, the UK, Germany, France, or Iceland, would react if their national police agency hacked a server at a hosting business in the US or another country. For the example given in the second paragraph, would the court in Iceland reject evidence the Iceland police force had gathered from a GoDaddy server?

Chatting to Al Qaeda? Try not to do that – Ex spy chief defends post-Snowden NSA

tom dial Silver badge

LOVEINT: A dozen or so individual employees misbehaved in a reporting periof of 6 or 8 years, were found out by their own admission or NSA internal reviews, and were punished, mostly or entirely by discharge or forced retirement. Not good, but also not enough to rubbish the entire agency, which probably employs several ten thousand or more analysts at any given time.

The Bluffdale, Utah data center is largely a lights out operation. At completion, the local newspapers reported that ongoing employment would be in the neighborhood of 200. The analysis is done elsewhere.

The three deep contact chaining limit probably represented a pragmatic compromise between missing significant intelligence and producing so many results that anything of significance was obscured by noise.

Those who start with a presumption that the true purpose of the government is to control the citizens and suppress dissent as much as possible might conclude that all government surveillance is illegitimate and should be ended. Those who think the government has a proper role in trying to anticipate what can go wrong and prepare to oppose it might conclude that things like surveillance cameras nearly everywhere and databased communication metadata have a proper place in supporting that role but require close supervision to prevent misuse. In the US, at least, the overwhelming majority of police power misuse has nothing to do with mass surveillance or targeted communication surveillance and much to do with inadequate training and tactical misjudgments by police officials, and self-promotion by prosecutors. Most of this occurs at the state or local level of government, where internal controls tend to be more lax and less uniform, but they occur at the federal level as well (e. g., Ruby Ridge, Branch Davidian, Aaron Swartz).

It strikes me as inconsistent that we seem to acquiesce in, or even demand, handing over to our government immense power to do good (provide medical care, ensure full labor employment, for example) and tend to oppose vehemently granting it powers arguably connected to ensuring public safety, which many would agree is a core government function. One might argue that the surveillance fails a reasonable cost-benefit analysis, but that differs from the usual argument made, that the surveillance, along with the capability to do it at all, is intrinsically illegitimate.

'Encryption will make life very easy for criminals and terrorists'

tom dial Silver badge

Re: It's clear to all

Neither the Magna Carta nor the U. S. Constitution, which is much more specific in certain areas, grants a right to hide or destroy evidence of a crime. The Constitution allows warrants, with "probable cause, supported by Oath or Affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Nearly all of those who have worked themselves into a frenzy over recent comments by the U. S. Attorney General, FBI Director, and others about cell phone encryption have overlooked, perhaps with purpose, the fact that those comments refer to judicially authorized searches of specified devices based on properly issued warrants. Like the encryption of data on cell phones (and other computers) they have little relation to with the largely externally directed foreign intelligence activities of signals intelligence agencies. The public officials are concerned that they will be unable, even with warrant in hand, to conduct court authorized searches, and complaining (and saying that Something Must Be Done) that Apple, alone among major vendors, will no longer be able to help them. Their real concern, probably, is that increased use of encryption on personal devices will make their work a bit harder and put them more often in the position of trying to enforce warrants on device owners. It will do so, but probably not to a degree that poses a significant risk to the public or the effectiveness of law enforcement.

Why US Feds and g-men kick up a stink about a growing smartphone encryption trend

tom dial Silver badge

Re: Don't be fooled...

Wrong. First off, Google cannot do this, so it doesn't cost them money beyond having a legal clerk turn back any warrants issued to them with an appropriate statement. Google are are making their 3 year old unbackdoored encryption the default for phones with lock words or patterns because Apple did it with iOS8.

Apple are doing it for the publicity and do draw attention from the fact that what they probably devised as a service for those who forgot how to unlock their phones was a back door for authorities armed with warrants but with high probability eventually also for thieves. Apple have quite enough talent to have largely mechanized the decryption that they could do prior to iOS8, and the unit cost probably is inconsequential.

OMG! With nothing but machine tools, steel and parts you can make a GUN!!

tom dial Silver badge

Re: @AC

I just looked at a (google) map of the UK. There is a LOT of shoreline, especially Northwest of Glasgow, that I suspect is quite difficult to patrol effectively, fairly reachable from Ireland and Norway, and borders on what looks like very sparsely populated land. There are similar difficulties for other governments in parts of the Eastern U. S. and Canada, as well as Alaska and British Columbia, and a long U. S. border with Mexico that has been shown to be quite permeable.

I do not think it is obvious that the UK or other governments would be able to exercise effective control of a large, but popular illegal weapons import program. The effective control is nearly universally accepted legitimacy of the governments.

Google ordered to tear down search results from its global dotcom by French court

tom dial Silver badge

Re: Google should get a declaratory judgement

I suspect that absent a formal treaty, approved by a 2/3 majority in the Senate, and enabling legislation, that is a non-issue. But lacking a specific controversy, I do not think U. S. courts would take up the issue at all.

tom dial Silver badge

I wonder if it might be that the allegedly defamatory information is hosted on a web site that is beyond the reach of French law, so they picked on a company with a French footprint.

It also might be easier, in France, to obtain a judgment against Google, a foreign company, and better yet an American one, with no particularly well-established rights, than against a French or other European company, with established rights in law, who actually put the allegedly defamatory information into the public arena.

I think it is unlikely that the U. S. court system would sustain an order that Google remove the links. Perhaps Google should filter the links for queries originating in France and concurrently cut off all French users from Google.<not-fr>.

IRONY ALERT: Former MI6 chief warns of 'mass snooping' - by PAEDOS

tom dial Silver badge

Re: Extraordinary claims ... require extraordinary proof.

The same statement applies to claims that GCHQ/NSA etc. data collection, or the widely used street camera surveillance, has led to political suppression.

US Attorney Gen latest to roast Apple, Google mobe encryption

tom dial Silver badge

"child predators could use the encryption settings in mobile platforms to evade authorities and hide illegal images and content on their devices from law enforcement."

They certainly could, and those with the least bit of smarts probably have been doing so for years. TrueCrypt, although no longer supported or recommended by its maintainers; dm-crypt, available for Android for three years or so and for Linux for about ten; and Bitlocker are not known to have vulnerabilities that either their producers or the government can use for circumvention. They probably have attained significant use within the porno and paedo community. The FBI director, and now the AG, are whining about something that will have little or no practical effect on criminal investigations.

Apple, for commercial and public relations reasons, is abandoning its capability to decrypt devices, something that was a bad idea at the beginning and looked much worse after the recent uproar over alleged universal government snooping. For the same reasons they, followed shortly by Google, made encryption the future default for those who lock their phones, nearly all of whom have no reason to care about government surveillance. This will have no effect on the great majority of those who have reason to hide data and have taken the small trouble to do so.

The government has ample capability to conduct surveillance when they need to.

tom dial Silver badge

Re: What laws?

In the matter of search warrants, Fifth amendment protections probably apply to smartphones (encrypted or not) to the same extent as they apply to file cabinets (locked or not). Probably not very much.

You don't have to give self-incriminating testimony, but probably are not allowed to conceal evidence of a crime.

tom dial Silver badge

Re: fallacy of false choice

Police in the U. S. no longer are allowed to think that "if the device is on your person when stopped and they have reasonable suspicion of a crime (which is needed for the stop in the first place anyway), they can search it." The U. S. Supreme court ruled in two cases (Riley v. California and United States v. Wurie) that searching a cell phone requires a search warrant. There will be exceptions for special circumstances, but the general rule will be a warrant requirement.

Encrypting the data on the device is a way that owners can help the police in the proper carrying out of their duties.

tom dial Silver badge
Flame

Re: court-authorization

The overwhelming majority of all search warrants, including those for communication data, are authorized by ordinary state and county courts in ordinary criminal matters. Some, perhaps many, are kept secret until they are executed, and they almost never are issued in circumstances where the subject of the search is allowed to object ahead of time.

EU probes Google’s Android omerta again: Talk now, or else

tom dial Silver badge

?

- How much does Google charge for Android?

- Are there plausible alternatives?

- Can manufacturers choose freely from among the alternatives?

- Can phone users choose freely from a variety of models offered by a number of manufacturers and carriers?

- Do the same ones who attack Android for fragmentation also object to Google's anti-fragmentation measures?

- Is there any reason to think this activity is not rent seeking organized by companies unable, so far, to show a product that people are interested in having?

Ellison: Sparc M7 is Oracle's most important silicon EVER

tom dial Silver badge

Re: Memory Protection

And well before that in S/360.

Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights

tom dial Silver badge

Re: Well we'd need a more refined bill of rights

Indeed, copyright is not a private sector contract. But copyright laws do specify an implied contract, based in the U. S. on Article I, Section VIII, paragraph 8 of the Constitution, in which the people granted the federal government the authority to establish and enforce such laws. English law, as I understand it, is less formalized but has a similar basis. CDs, DVDs, and books usually include a statement of what rights are not granted to the purchaser. DRM may be used to enforce the limitations.

Most commercial software products come also with an explicit contract, the EULA, to which a "purchaser" assents by opening the package and installing the software on a computer. It is a problem that many times the agreement is not visible until you open the package and thereby "accept" it, but it usually is possible to circumvent that difficulty by viewing an online copy. DRM may be used to enforce contract rights.

In either case, a potential consumer has the right to accept the limitations, decline them by declining to purchase, or to purchase and ignore the limitations at some risk of being summoned to a court and punished.

tom dial Silver badge

Re: Well we'd need a more refined bill of rights

No. You do not have to purchase their products or perform whatever other act that they require for access. It is their product. They are entitled to offer it on any terms they wish, and you are entirely free to arrange to use it on their terms or to not use it. It is a matter of mutual agreement (or not) between provider and consumer. This type of argument is made by people who, having made a contract for a price, think it their right to change it unilaterally because they don't like the terms

I agree that the laws are broken, but that is a side issue in the case of DRM, which is simply a technical means to help verify and enforce compliance with a contract. You can only buy a movie copy with DRM because the creator says so; and if you remove the DRM you violate a contract. If you obtain a copy of someone else's legally obtained copy you have acquired something to which you have no legal entitlement, and the person who provided the copy almost surely has violated a contractual obligation. The real effect of copyright laws in the context of effective DRM is to limit the period during which courts would allow DRM to be effective: a reasonable court would order that a vendor stop incorporating DRM and provide technical means to remove it from existing copies when (i. e., if) the copyright expires, in the same way that a court would deny claims for copyright infringement after expiration.

tom dial Silver badge

Re: @FormerKowloonTonger Lest We Forget.

Miriam Carey's shooting, tragic as it was, has exactly nothing to do with collection of data by any government agency. No connection, that is, unless the claim is that the government did, or should have, collected and processes so much information on everyone that they could have provided it on the spot to DC and federal police to enable them to determine that Ms. Carey was depressed and confused, possibly psychotic, and in need of their assistance. Even if they had had such information, her actions were dangerous to those nearby and it is not clear what they could have done to effectively end them.

tom dial Silver badge

Re: It is not my own government I am most worried about.

With respect, I strongly suspect that surveillance in the U. K. far exceeds what exists, or given the relative sizes and population, is even possible in the U. S. And like that in the U. S., there seems to be precious little evidence that it is being abused by either government.

It certainly could be abused, but both countries have a very long history, most of it in common, of political restraint and forbearance and solving most problems without resort to either popular insurrection or government oppression.

tom dial Silver badge

Re: Well we'd need a more refined bill of rights

You have the right to decide what software runs on your devices, if you are choosy about your devices. Manufacturers and vendors have the right to limit the devices they provide in any way they like. It is up to you whether to buy them. And those who hold government granted monopolies on books, recorded performances, and the like are entitled to insist on whatever constraints they like, including specifically DRM systems to control your access to them; it is your choice whether to accept the restrictions or not.

Some people (I have read) like the locked down walled garden DRM ridden approach of Apple or the slightly less restrictive approach of Microsoft and the vast majority of Android device providers. There is no more reason to make them illegal than there is to make them legally required.

That copyright duration exceeds by at least a full order of magnitude what is reasonable and that the patent issuing system, especially in the US, is out of control are matters related only peripherally to the mechanisms used to enforce them. They can be addressed separately and, unfortunately, with a similar success probability.

FBI boss: Apple's iPhone, iPad encryption puts people 'ABOVE THE LAW'

tom dial Silver badge

Re: Perhaps the FBI should read the law?

"If the FBI wants access to my encrypted personal files then they can get a warrant."

Those who bothered to read the article know that Mr. Comey's explicitly stated concern was that having obtained a warrant, the FBI (and the local or state police who obtain nearly all the warrants) may find the warrant difficult or impossible to actually execute.

He is overstating the need for these warrants rather badly, but has a point. Before iOS8, law enforcement officials could obtain warrants for Apple devices, deliver them along with the phone to Apple, and obtain the data. With the change, Apple, like Google, cannot satisfy those requests and the government will be forced to deal with the device owner, presenting several problems. First, the authorities might not know who the owner is. The second is that it may tip off the owner before they wish, and the owner might, even at risk of punishment for contempt of court, refuse to comply with the warrant.

Downvoted.

tom dial Silver badge

Re: tom dial BitDr Interesting thing...

You are entitled to hold what opinions you like. I am entitled to want those in positions of authority and power to hold rather different ones and am inclined to the view that enough of them actually do to make a difference.

tom dial Silver badge

Re: How to build a trope

Moral panics over such as child porn, sexual abuse (think "rape crisis in colleges/the military"), and terrorism have been and are endemic. They are not materially different from the ongoing moral panic about government surveillance. All are exploited by law enforcement and other government officials, and by the press wherever it is free enough to do so.

tom dial Silver badge

@Cipher: The Fifth Amendment means what it says. A person (not only a citizen) cannot be compelled to be a witness against himself. He can be compelled to give up things that may be used in evidence against him. Gambling records, owned and maintained by a person charged with running an illegal gambling enterprise would be fair game for a warrant, but the accused could not be compelled to testify about his alleged gambling activity. That doesn't seem too difficult, or suggest any reason to treat the records differently when they are on a cell phone from when they are in a little black book.

tom dial Silver badge

Re: BitDr Interesting thing...

"Rights are human constructs created by societies and enforced by laws". That incorrect opinion runs against a good deal of mainstream political philosophy, including much of what motivated those who participated in writing the Constitution and Bill of Rights, as well as a good deal of the English common law as widely understood by those who approved them.