Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Communications Encryption United States

California Bill Would Require Phone Crypto Backdoors 251

Trailrunner7 writes with this except from On The Wire: A week after a New York legislator introduced a bill that would require smartphone vendors to be able to decrypt users' phones on demand from law enforcement, a California bill with the same intent has been introduced in that state's assembly. On Wednesday, California Assemblyman Jim Cooper submitted a bill that has remarkably similar language to the New York measure and would require that device manufacturers and operating system vendors such as Apple, Samsung, and Google be able to decrypt users' devices. The law would apply to phones sold in California beginning Jan. 1, 2017. Of course, "smartphone vendors" wouldn't be able to decrypt voice calls sent using VoIP software that was encrypted outside their domain of influence.
This discussion has been archived. No new comments can be posted.

California Bill Would Require Phone Crypto Backdoors

Comments Filter:
  • by The-Ixian ( 168184 ) on Thursday January 21, 2016 @06:44PM (#51347071)

    During initial set up, flip on encryption... there you go, you can have that one for free Apple...

    • by The-Ixian ( 168184 ) on Thursday January 21, 2016 @06:49PM (#51347105)

      Also, the vendor could encrypt something of no consequence with reversible encryption. Then, when the phone gets back to them, they can say truthfully that they decrypted it. Oh wait, you wanted the user's data? Oh, that is encrypted with their own system... we don't have access to that...

      • Heh, reversibly encrypt the call log data. They already have access to the call log through the mobile service provider.

    • None of it matters when you have no idea what the SIM card is doing or the GSM radio. Both run operating systems we have no clues about the capabilities of.

    • by ArmoredDragon ( 3450605 ) on Thursday January 21, 2016 @08:40PM (#51347759)

      During initial set up, flip on encryption... there you go, you can have that one for free Apple...

      Even if they close that loophole (which it looks like the current proposals do) an even simpler way is to just not carry them in stores in those states. So you just take online orders and ship from states without these laws. And if that's not practical, (i.e. they need foot traffic in the stores) just have two separate SKUs: One for NY/CA, and another for everywhere else. If those people want an uncompromised device, they can just order from elsewhere, and electronics stores would operate kind of like Tesla showrooms when it comes to smartphones.

      • Even if they close that loophole (which it looks like the current proposals do) an even simpler way is to just not carry them in stores in those states.

        That's not going to happen. I admit it would be effective, though.

  • by sims 2 ( 994794 ) on Thursday January 21, 2016 @06:48PM (#51347089)

    Wouldn't be the first time you couldn't buy something in CA.

    • by twotacocombo ( 1529393 ) on Thursday January 21, 2016 @06:56PM (#51347185)
      CA is too big of a market to lose, so they'll just make 49-state and CA-only SKUs, as they have with cars, motorcycles, lawnmowers, weedwhackers, etc, due to CARB and their fuckstickery. We even have CA-only guns (M&P Shield CA-compliant model comes to mind). Nothing new to see here, comrades.
      • by Firethorn ( 177587 ) on Thursday January 21, 2016 @07:05PM (#51347241) Homepage Journal

        By the same token, California would also be a good spot to have a 'hold the line moment'. Warn all the consumers that new phones won't be available there after Jan 1, 2017. Watch the state explode when people realize they can't get the latest and greatest phones. The bill would be yanked so quickly...

        • by sims 2 ( 994794 )

          I'm sure the cell phone co's would be happy air commercials and to post ad's in their windows.

          It's just like any time the gov't says anything about guns. Sales are boosted.

  • by Anonymous Coward on Thursday January 21, 2016 @06:48PM (#51347101)

    Don't see a (R) after a politician's name? Must be a Democrat. Want to see if I'm right?

    DING! Winner winner chicken dinner.

    Not that both big parties aren't corrupt as hell, but this is such a petty affectation...

    • Re: (Score:2, Insightful)

      by Tulsa_Time ( 2430696 )
      Funny how you never see the "D" next to their name in stories like this....
    • I have always figured that the reason they don't tell you the party affiliation when its a Democrat is because that isn't news, everyone knows that Democrats are petty, corrupt, authoritarian politicians. However, when a Republican does it, it is an exception and therefore news. OK, I don't really believe the latter part of that, but the press clearly does. Otherwise, what possible reason would they have for only mentioning party affiliation when its about a Republican?
      • The difference is that Democrats want the federal government to have the power. Republicans want big business to have that much power.

        • by Alumoi ( 1321661 )

          And what's the difference? Want to be successful in the US? Buy a couple of politicians.

    • by Swampash ( 1131503 ) on Thursday January 21, 2016 @09:27PM (#51347971)

      It's cute how you imply that there's a difference between (D) and (R).

      • by cfalcon ( 779563 ) on Thursday January 21, 2016 @11:11PM (#51348341)

        He's not. He's implying that when stories come down that involve (R) doing something shitty, it's next to their name, and when (D) do something shitty, it's usually not. You don't have to believe that the parties are different- just that the reporting / summary / writing / whatever is slanted when you see that shit.

        • Was this determined statistically, or is it confirmation bias?

        • by dbIII ( 701233 )
          Typically the (R) platform is supposed to be against doing specific shitty things so when they do the opposite it's news. They push "small government" and extra freedom, unless it's about what people get up to in bedrooms or with reproduction then it's vastly reduced freedom. That and being "strong" by picking on the weak, which is not what the (R) party used to be about.
          I don't have a dog in the fight so don't blame me. I just find it utterly strange, among other things, that an icon of crony capitalism
  • The new phones must come equipped with the California admissions package.
    • The new phones must come equipped with the California admissions package.

      What will their owners be forced to admit?

  • for the decryption keys to get stolen. Saying, "I told you so, you fucking retard," never gets old.

  • by gstoddart ( 321705 ) on Thursday January 21, 2016 @07:03PM (#51347233) Homepage

    Land of the free? Home of the brave? How's that working out for you?

    Oh, wait, is it brave to cower in the corner jumping at shadows in case the bogeyman comes along? I've lost track?

    Now cue a bunch of people telling us how they're still free. Go ahead, I love a good laugh.

    Papers please, comrade. If you have nothing to hide you have nothing to fear.

    • Let's pull out the old "if it'll save one child's life, it will be worth it".

  • by Mal-2 ( 675116 ) on Thursday January 21, 2016 @07:04PM (#51347235) Homepage Journal

    Leave it to an ex-cop to seek powers for law enforcement at the cost of individuals. I am disappoint. Not the least bit surprised, but disappoint. If this passes, I would be completely in favor of both Apple and Google saying "screw you guys, we're picking a new home".

    • by tnk1 ( 899206 )

      Since when has Apple or Google actually been noticeably affected by US law? They certainly don't have to send their money to the US government, why would they have to obey some silly California state law?

      I'd love to see the state government threaten them. Sorry, I meant, "try and threaten them".

  • by Bamfarooni ( 147312 ) on Thursday January 21, 2016 @07:10PM (#51347259)

    China would be so proud!

  • I'm not in this guy's district so his stupid web page won't accept my comments, could someone who is in his district please call or email and explain to this guy why what he wants to do will just make law-abiding citizens less secure, not aid law enforcement in any substantial way, and in the end only help criminals and terrorists? Thanks.
    • by ewhac ( 5844 )
      Unfortunately, Jim Cooper's district is in California's central valley, between Sacramento and Stockton. Not the middle of nowhere, but not exactly the center of high-tech, either.

      Your best bet would be to contact the Assemblyman for your own district [ca.gov], inform them of this odious bill, and instruct them to oppose it.

      • Already did that, and the appropriate State Senator. Just would rather someone (or a group of someones) pull this Copper guy up short.
  • by BoRegardless ( 721219 ) on Thursday January 21, 2016 @07:28PM (#51347363)

    This just catches the low level criminals and normal people. Mafia, KGB & Israeli Mossad will just use older iPhones and other methods.

    • by mark-t ( 151149 )

      Think long term.... what are these people going to be using in 15 to 20 years time? If the kinds of tech that could get around this are outlawed now, then it will become increasingly difficult to acquire as the years go by.... as standards evolve and change, older hardware will probably eventually cease to be interoperable with the more current communication technologies.

      Of course, I'm aware that I am probably giving the people who would come up with this kind of bill proposal far more credit than they

  • by seven of five ( 578993 ) on Thursday January 21, 2016 @07:56PM (#51347495)
    Lawmakers pass a bill declaring pi = 3, saving the world many thousands of hours of tedious calculation. Hooray!
  • With the OS having root over any keystrokes before "encryption apps" and a company having designer links in CA.
    Re: "ecrypted and unlocked by its manufacturer or operating system vendor" would be covered by laws like the Communications Assistance for Law Enforcement Act (CALEA)...
    As for devices been super secure, recall the years of news about "Cops Say They Can Access Encrypted Emails (January 11, 2016 )
    https://motherboard.vice.com/r... [vice.com]
    Note the access news going back a few years...

    Also recall the i
  • Of course, "smartphone vendors" wouldn't be able to decrypt voice calls sent using VoIP software that was encrypted outside their domain of influence.

    Such software would be outlawed, clearly.... it won't stop people who expressly want it from getting it, but it creates a barrier for entry such that most law-abiding and not very technologically competent people will simply not want to be bothered with the inconvenience of bypassing it.

    Of course, in the end, the only people that they will be able to spy o

  • The issue politicians forget is when you add back doors to devices you are also adding a back door for criminals and other foreign entities. The reality is government departments are rubbish at securing information for an extended period and once the information is out every criminal and foreign government now has a free pass to all your citizens private information. Also just saying there is a back door alerts criminals and they will start looking for that back door.
  • ISIS has just release a new Android encryption App:

    http://www.defenseone.com/tech... [defenseone.com]

    There is no prohibition in this law against using encryption applications. ISIS will help you get around California's encryption laws.

  • Unless both a mathematician and sociologist working together can show in a hard proof that crypto with a backdoor is as secure as crypto alone I maintain that crypto with a back door is not crypto so the request is impossible to fulfil and simply moot.

    Like the lawmakers that tried to make PI = 22/7 the request is simply a violation of reality, proving once again the politicians have no concept of reality.

  • by OrangeTide ( 124937 ) on Thursday January 21, 2016 @08:23PM (#51347667) Homepage Journal

    But fails to penetrate a device used by organized crime, terrorists, a technologically adept pedophile, or a well connected businessman.

    Is Joe the Plumber the threat here? because that's about all this regulation will stop.

    PS - I usually buy my smartphones on aliexpress and import them to California.

    • Is Joe the Plumber the threat here? because that's about all this regulation will stop.

      Yes, actually, the police want to be able to decrypt phones from 'average' dumb criminals. They also want terrorist phones, but that is not the only issue.

  • by seoras ( 147590 ) on Thursday January 21, 2016 @09:10PM (#51347903)

    I miss the cold war.
    Back in the good old days the "free west", would tout it's political and social freedom as why it was on the side of humanity.
    Something for the oppressed behind the iron curtain to dream of attaining and seeing their over lords for the tyrants they were.
    Then down came the Berlin Wall.
    Today you'd think the history books on the communist era in east Europe were the manuals/manifestos for state control in the West.
    The only thing our governments needs to be better than today is IS.

  • Use software written in Russia, a VPN service in China and a ISP in the US, by the time they untangle the bureaucratic red tape to decrypt your packets, you'll be safely dead from old age!

    Min

  • I have been worried that using encryption will attract attention of law enforcement who will know I something to hide. What a tremendous relief that I will now look just like another law abiding citizen using escrow crypto. While at the same time, I will use this escrow crypto for 99% of my communications, including my embarrassing but legal porn collection. And then, just when I hatch my evil plots, I will encrypt a small amount of data with my own crypto, before stamping escrowed one on top.

    Now the govern

  • This will have about as much chance of sticking as the "non-California vehicle emissions fees" they used to charge people for bringing in cars from outside California (i.e. want a phone with strong encryption? Take a trip and buy it outside California.).

    (1) The car emissions fee was declared unconstitutional (it violated the Interstate Commerce Clause of the U.S. Constitution, just like trying to restrict bringing phones with strong encryption would violate the ICC).

    (2) If you bought a phone with strong en

  • California Bill, Indiana Jones and Dakota Johnson, You 'murkins are a funny lot.

"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin

Working...