U.S. government seeks Facebook help to wiretap Messenger

[StringJunky]

It looks like the US administration is having another go, since that time with Apple.

Quote

SAN FRANCISCO (Reuters) - The U.S. government is trying to force Facebook Inc (FB.O) to break the encryption in its popular Messenger app so law enforcement may listen to a suspect’s voice conversations in a criminal probe, three people briefed on the case said, resurrecting the issue of whether companies can be compelled to alter their products to enable surveillance.

The previously unreported case in a federal court in California is proceeding under seal, so no filings are publicly available, but the three people told Reuters that Facebook is contesting the U.S. Department of Justice’s demand.

The judge in the Messenger case heard arguments on Tuesday on a government motion to hold Facebook in contempt of court for refusing to carry out the surveillance request, according to the sources, who spoke on condition of anonymity. 

 https://uk.reuters.com/article/uk-facebook-encryption-exclusive/exclusive-u-s-government-seeks-facebook-help-to-wiretap-messenger-sources-idUKKBN1L226M

 

[Ten oz]

No easy answer here in my opinion. Peoples texts and phone location has been used in investigation to prove people committed crimes. Messenger is a logical extension of that. In extreme case we've seen after things like mass shootings that the perpetrators had been active on social media like FB and their accounts helped connect them to other groups or individuals of interest. So it can be a real tool for Law Enforcement. However people have the right to privacy and Law Enforcement shouldn't be able to just go fishing around without legitimate probable cause. I am on the fence. It is a bit like the Golden State Killer case were investigators were able to zero in on a serial killer because relatives had used DNA ancestry kits. On one hand I think that stuff should should be private but then  on the other hand I am glad they caught a killer. 

[StringJunky]

Yes, Ten oz, I agree, but how do you preserve the inherent security of end-to-end encryption and also be able to arbitrarily allow access for law enforcement purposes? If law enforcement can do it, some other criminally-minded person will be able to eventually and share it.

[Ten oz]

14 minutes ago, StringJunky said:

Yes, Ten oz, I agree, but how do you preserve the inherent security of end-to-end encryption and also be able to arbitrarily allow access for law enforcement purposes? If law enforcement can do it, some other criminally-minded person will be able to eventually and share it.

Criminal minded persons will inevitably hack it eventually regardless. I don't think FB assisting Law Enforcement will impact that. In my opinion, for now, it will need to be a case by case thing where Law Enforcement should take their probable cause to a court of law and lay out why they need access and what their justifications are. 

[StringJunky]

12 minutes ago, Ten oz said:

Criminal minded persons will inevitably hack it eventually regardless. I don't think FB assisting Law Enforcement will impact that. In my opinion, for now, it will need to be a case by case thing where Law Enforcement should take their probable cause to a court of law and lay out why they need access and what their justifications are. 

Until then though it is secure.

[Ten oz]

4 minutes ago, StringJunky said:

Until then though it is secure.

Is it, I don't know that for sure. For all I know a person or organization is already accessing it. Just because DOJ isn't aware of it and FB hasn't acknowledged it doesn't mean it isn't so. I am skeptical of such things. I think best to error on the side that nothing done via the internet is private. 

[iNow]

If maintaining security and encryption is ones driving motivation, then opening a giant back door for the government to get into a platform easily is a massive step in the wrong direction. This remains true whether or not people can already or may in the future realize a way to hack it. 

[StringJunky]

1 hour ago, Ten oz said:

Is it, I don't know that for sure. For all I know a person or organization is already accessing it. Just because DOJ isn't aware of it and FB hasn't acknowledged it doesn't mean it isn't so. I am skeptical of such things. I think best to error on the side that nothing done via the internet is private. 

But if they are, they can't  use it as evidence because they would have to declare their source in court; the end result is the same. I agree with the last sentence. This all boils down to a general perception of lack of trust of the general public in governmental processes. As a personal anecdote: I was all for there allowing access in serious cases that involved the security services, but that changed when the UK government wanted to allow the same powers to local councils to chase poll tax evaders without seeking a warrant. The bar had been set too low and I became vehemently against it. It's got even worse since then with everybody being more connected.

Edited August 18, 2018 by StringJunky

[Sensei]

3 hours ago, StringJunky said:

Yes, Ten oz, I agree, but how do you preserve the inherent security of end-to-end encryption and also be able to arbitrarily allow access for law enforcement purposes? If law enforcement can do it, some other criminally-minded person will be able to eventually and share it.

Actually it's easy part. When application is connecting to the server, it negotiates encryption method. So if person is under "legal surveillance" (which the real judge approved! After seeing the real evidences which make crime plausible to happen, not "one big stamp" (quote from "Snowden" movie) ), server set up weak encryption, or none at all, and everything can be caught and decoded.. User is not even aware whether encryption is hard, weak or none..

I am against any type of electronic surveillance. There is no proof that somebody said or wrote words which were delivered through Internet. Anybody can pretend anybody. e.g. I could hack in Swansont, Phi for All, String Junky etc. etc. accounts on this forum, wrote anything on forum, and nobody would notice it's not message from the real member of forum. What is worth such "evidence in the case".. ? Almost nothing. But it's treated as very hard evidence right now! Anybody (hacker, programmer, ex-girlfriend, ex-boyfriend, ex-wife, ex-husband, co-worker in office etc. etc.) could pretend, and wrote something compromising (e.g. utilizing moment of distraction of the device owner)..

Smartphone localization? It proves that smartphone was in that location, not owner personally of the device! One could "borrow" smartphone (or even make duplicate of SIM!), then commit crime, and return smartphone to owner who will have no idea about the case...

 

 

Edited August 18, 2018 by Sensei

[Ten oz]

1 hour ago, StringJunky said:

But if they are, they can't  use it as evidence because they would have to declare their source in court; the end result is the same. I agree with the last sentence. This all boils down to a general perception of lack of trust of the general public in governmental processes. As a personal anecdote: I was all for there allowing access in serious cases that involved the security services, but that changed when the UK government wanted to allow the same powers to local councils to chase poll tax evaders without seeking a warrant. The bar had been set too low and I became vehemently against it. It's got even worse since then with everybody being more connected.

I wasn't implying the govt. Nor was I saying I agree that FB should allow the govt to have access. I was simply stating that for all we know someone or some group already can access it. No judgement associated. 

1 hour ago, iNow said:

If maintaining security and encryption is ones driving motivation, then opening a giant back door for the government to get into a platform easily is a massive step in the wrong direction. This remains true whether or not people can already or may in the future realize a way to hack it. 

I wasn't implying otherwise. As stated in a previous post I their probable cause to a court and petition for such access on a case by case basis. More over FB should do their part and resist each time.