--Working Group Considers Ways to Access Encrypted Data
(September 24, 2015)
An Obama administration working group has come up with four possible
approaches that tech companies could implement that would allow law
enforcement to access encrypted data. Each of the methods could be
implemented, but each also has shortcomings.
http://apps.washingtonpost.com/g/documents/world/read-the-obama-administrations-draft-paper-on-technical-options-for-the-encryption-debate/1753/https://www.washingtonpost.com/world/national-security/obama-administration-ponders-how-to-seek-access-to-encrypted-data/2015/09/23/107a811c-5b22-11e5-b38e-06883aacba64_story.htmlhttp://www.scmagazine.com/white-house-working-group-mulls-ways-to-access-encrypted-data/article/440730/[Editor's Comment (Pescatore): This topic was very thoroughly
investigated and debated back in the late 1990s when crypto export
controls were tried. The working group summarily dismisses what was
learned back then by saying "Unlike the "crypto wars" of the 1990s..."
and then looks at a similar list of unworkable alternatives that was
considered back then.
(Northcutt): This is a very progressive idea, (humor alert). However, if
we do it in software, all kinds of things that could go wrong, will =
again and again. So the best answer is to do it in hardware. I have a
suggestion for a name for the hw, the Clipper Chip. Supporting an
intentional back door runs the risk of tarnishing at least one respected
researcher's, (or company's), reputation along the way. And of course,
some software will be needed, so we need to find the company that is
best at the HW/SW marriage as well as intractable EULAs, while still
having the trust of the public, perhaps Lenovo?
https://epic.org/crypto/clipper/http://archive.wired.com/wired/archive/4.09/denning_pr.htmlhttp://www.pcmag.com/article2/0,2817,2428665,00.asphttp://www.welivesecurity.com/2015/08/17/lenovo-disables-unremovable-software/ ]