Security experts slam FBI requests to bypass encryption


Allowing government access to texts, digital communications would leave millions vulnerable to hackers, according to report

By Barry Eitel

SAN FRANCISCO – Requiring open government access to all data and communications would leave millions of Americans open to security breaches, according to a new report published Tuesday by the Massachusetts Institute of Technology.  

The 33-page white paper includes cybersecurity pioneers among its authors, including Whitfield Diffie, one of the inventors of modern encryption. The report argues that law enforcement’s desire to decipher an individual’s text messages or crack into private emails is not only impractical to implement, it will open a large window for hackers.

FBI Director James Comey has argued that the agency and other government agencies should be able to access digital communications through a “back door” built into electronic devices. Comey claims that device manufacturers should be required to include such cracks in encryption to help the FBI catch criminals.

The tech industry, including leaders such as Google, Apple and Facebook, have heavily criticized the proposition as more dangerous than helpful, a claim the MIT writers echo.  

“These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” the report claims.

The government looked into similar access requirements back in the late 1990s, a policy which was dropped after lengthy debate. The authors claim that these policies would be even more devastating two decades later.

“Exceptional access would force Internet system developers to reverse ‘forward secrecy’ design practices that seek to minimize the impact on user privacy when systems are breached,” the authors continue. “The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws.”

Not only are the experts concerned about criminal hackers hijacking government access protocols, they are wary about privacy issues after years of revelations regarding the National Security Agency’s metadata surveillance programs.