Comey and Adult Conversations About Encryption

What does an adult conversation over encryption look like? To start we need to understand what Mr. Comey is seeking. Then we can talk about the risks.

AP and others are reporting that FBI director James Comey has asked for “an adult conversation about encryption.” As I’ve previously opined, we need just such a dialog between policy makers, the technical community, and the law enforcement community, so that the technical community has a clear understanding of what it is that investigators really want, and policy makers and law enforcement have a clear understanding of the limits of technology.  At the moment, however, it cannot be about give and take.  Just as no one cannot legislate that π = 3, no one can legislate that lawful intercept can be done in a perfectly secure way.  Mr. Comey’s comments do not quite seem to grasp that notion.  At the same time, some in the technical community do not want to give policy makers to even evaluate the risks for themselves.  We have recently seen stories of the government stockpiling malware kits.  This should not be too surprising, given that at the moment there are few alternatives to accomplish their goals (whatever they are).

So where to start?  It would be helpful to have from Mr. Comey and friends a concise statement as to what access they believe they need, and what problem they think they are solving with that access.  Throughout All of This, such a statement has been conspicuous in its absence.  In its place we have seen sweeping assertions about grand bargains involving the Fourth Amendment.  We need to be specific about what the actual demand from the LI community is before we can have those sorts of debates.  Does Mr. Comey want to be able to crack traffic on the wire?  Does he want access to end user devices?  Does he want access to data that has been encrypted in the cloud?  It would be helpful for him to clarify.

Once we have such a statement, the technical community can provide a view as to what the risks of various mechanisms to accomplish policy goals are.  We’ve assuredly been around the block on this a few times.  The law enforcement community will never obtain a perfect solution.  They may not need perfection.  So what’s good enough for them and what is safe enough for the Internet?  How can we implement such a mechanism in a global context?  And how would the mechanism be abused by adversaries?

The devil is assuredly in the details.

Guns and Gun Control: The Numbers Are Beginning To Add Up

Drawing_from_holsterMany people have made the claim that they need to own guns to protect themselves, that they can’t leave it to police to protect them, the enormous assumption being that a gun actually does offer some protection.  There are a number of scholarly works to test that assertion.

  • A longitudinal study by Johns Hopkins and Berkeley published in 2015 the American Journal of Public Health shows that Connecticut’s Permit to Purchase law reduced firearm homicide by 40%.
  • A separate Johns Hopkins study showed that firearm suicide rates in Connecticut dropped 15.4% after that law was passed, while Missouri’s firearm suicide rate increased by 16.1% after they repealed gun control legislation.  There was also a lower than expected overall suicide rate in Connecticut.
  • Missouri also saw a 25% increase in homicides after their background check law was repealed.
  • An earlier CDC study published in 2004 in the Journal of American Epidemiology showed that simply having a gun in the home, regardless of how it is stored, increases the odds of death by firearm by a factor of 1.9.
  • A more recent meta-study by Harvard researchers in the Annals of Internal Medicine showed an increase risk of both suicide and homicide in homes where guns are present.  In particular, that study found that homicide victimization rates were slightly higher for those who had guns in their homes than those who did not.
  • A 2011 CMU study did show that having a gun in the home seems to deter certain planned crimes such as burglary, but has no effect for unplanned crimes.  Furthermore, it showed that only having a gun in the home does not provide the deterrence, but that this fact needs to be somehow brought to the attention of the burglar.

Summing up: studies thus far demonstrate that having a gun in the house increases the chances of someone in that house dying by firearm, it increases the risk of suicide, and it does not prevent a crime of passion, although it may deter a burglary.  More analysis is needed.  It is likely, for instance, that the type of gun matters.  A lot of studies are needed about open carry laws.  Still, if you think a gun offers you any sort of protection against others, consider the risks.

Image courtesy of aliengearholsters.com.

Is Bitcoin Really Money Laundering?

For those who don’t know, BitCoin is an attempt at a new type of currency, one that isn’t linked to any nation.  In a way, bitcoin is a lot like gold or other commodities, only it differs in that you don’t actually have to ship anything around or even keep trading futures to stay in the game.  Still it accrues similar benefits as gold. In fact there is a bitcoin to gold price, based on milligrams of gold.  As you can see the number of milligrams one gets for a bitcoin has gone from about 300 in January to about 3,300 in October.  Bitcoins have clearly paid off for some people.

One of the other goals of bitcoin is that they be as anonymous as cash.  This is where the problems start.  Let’s say you want to sell a few bitcoins, and receive American dollars.  One question is simply this: do you have to list the sale on Schedule D?  I am no accountant, but I would think the answer would be “yes”.  Now let’s say that instead of selling them, you are just holding them, and let’s for the sake of argument say that you have $500,000 worth of bitcoins.  Do these represent foreign assets?  If so, you are required to file forms with both the Treasury (TD-F 90-22.1) and the relatively new IRS Form 8938.

Those who in any way behave like banks will find that the Treasury department expects them to do all the things banks do.  That includes reporting on suspicious transactions or any transaction over $10,000.

This hasn’t stopped people from attempting to hide transactions.  Here’s an article from CNN about a guy who attempted to do all sorts of nasty things with Bitcoins.  This led to a huge drop in their value, almost overnight.

chart

 

 

So, now the question: are bitcoins here to stay or are they a passing fad (read: pyramid scheme)?   The entire technical premise of bitcoins is in fact that they can be anonymously traded.  The bad news for people with bitcoins is that because there is no single management point that has guns (thus differentiating them from a classic currency), unless the likelihood is that those with the guns will want to limit or prohibit this sort of transaction; especially in large quantities.

A similar situation arose in 2001 when the U.S. government began to crack down on those using the old mechanism known as Hawala, even though the mechanism is legal.  And so one question is simply this: are bitcoins really anonymous?  A researcher named Sarah Meiklejohn will present a paper at SIGCOMM this month on just what law enforcement capabilities there are.  Watch that spot.

 

 

 

 

Interesting Geoff Huston Posting on CircleID

Geoff Huston has established himself as perhaps the foremost authority on IP address markets.  A senior researcher at APNIC, Geoff has tracked this issue for over a decade.  He has recently posted a new blog entry at CircleID, to which I’ve commented.  Here’s what I wrote there:

The fundamental basis for the article above is a lack of transparency within IP address markets.  This is something that Bill Lehr, Tom Vest, and I worried about in our contribution to TPRC in 2008.

Amongst other things, transparency or its lack has the following effects:

  • Assuming it is a goal, efficiency in markets demands transparency.  When markets lack transparency, neither the buyer nor the seller know if they have gotten a good deal, because it could be that there existed either a buyer who would have paid for more, or a seller who would have sold for less, who was simply not identified.  Is $10 per address a good price?  There is at lest a tidbit of information from some of the brokers that indicates wide variance in the cost of IP address blocks.  Whether that information is accurate, who cannot say?  It is not required to be so.
  • Network administrators and owners should be making informed decisions about how and when to move to IPv6.  Absent pricing information regarding v4, there is uncertainty that is difficult to price.  In this sense, hiding pricing information may actually encourage IPv6 deployment.  Keep in mind that large institutions require years if not decades to make this sort of transition.  Were I them, given the increased number of devices (if you can believe the numbers above, and I suggest that we take them with a grain of salt), I would start now to get out of this rigamarole.  Heck, even with transparency, that only tells you today’s price, and not tomorrow’s.  Certainly it is well worth researching methods to price this risk.
  • It is important to know if there is an actor who is attempting to corner the market.  Proper registration of purchases and sales provides an overview of whether dominant players are acquiring addresses beyond the needs of their customer base.  Such acquisitions would have the impact of increasing costs for new entrants.
  • Finally, the Internet Technical Community (whoever we are) need to know if new entrants are in fact unable to access the Internet because IPv4 addresses are too high, if we want to see the safe and secure growth of the Internet everywhere.

The funny aspect of all of this is that governments may already be able to track some pricing information retrospectively through, of all things, compulsory capital asset sale reports, such as the U.S. Form 1040 Schedule D.  However, in general this information is confidential and not very fresh, and hence not sufficient to advance policy discussions.

I had no knowledge of the NSA’s programs, but I’m not surprised by most of it.  James Bamford articulated in The Puzzle Palace in 1980 what the NSA was capable of, and it has always been clear to me that they would establish whatever intelligence capabilities they could in order to carry out their mission.  There are several areas that raise substantial concerns:

1.  NSA’s own documents indicate that they intended to interfere with and degrade crypto standards.  That on its own has caused the agency substantial harm to its reputation that will take decades to recover from.  But they haven’t just sullied their own reputation but that of the National Institutes of Standards and Technology (NIST) who are a true braintrust.  Furthermore, they’ve caused the discounting in the discourse of anyone who is technology knowledgeable who have either recently held or currently hold government posts.  I will come back to this issue below.

2.  It is clear that the FISA mechanism just broke down, and that its oversight entirely failed.  Neither Congress nor the Supreme Court took its role seriously.  They all gave so much deference to the executive because of that bugaboo word “terrorism” that they failed to safeguard our way of life.  That to me is unforgivable and I blame both parties for it.  In fact I wrote about this risk on September 12, 2001.  I wrote then:

I am equally concerned about Congress or the President taking liberties with our liberties beyond what is called for. Already, millions of people are stranded away from their loved ones, and commerce has come to a halt. Let’s not do what the terrorists could not, by shrinking in fear in the face of aggression, nor should we surrender our freedom.

Sadly, here we are.

3. There are reports about law enforcement taking intelligence information and scrubbing the origin.  Where I come from we call that tampering with evidence in an egregious attempt to get around those pesky 4th and 5th amendments.

4. The NSA’s activities have caused great harm to U.S. services industry because other nations and their citizens have no notion as to when their information will be shared.  This is keenly true for companies such as Google and Microsoft who, it is reported, were ordered to reveal information.  The great Tip O’Neill said that all politics is local.  That may be true, but in a global market place, all sales are local.

It would be wrong to simply lay blame on the NSA.  They were following their mission.  Their oversight simply failed.  Congress needs oversight.  That is our responsibility.