[Cryptography] Text of Burr-Feinstein encryption backdoor bill
Tom Mitchell
mitch at niftyegg.com
Fri Apr 8 22:21:12 EDT 2016
On Fri, Apr 8, 2016 at 11:44 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> IANAL, but it seems clear from the rest of the text that this bill would
> specifically outlaw all strong encryption, not just end-to-end encryption.
>
Today we have mandated in existing law requirements to secure data
with encryption. The obvious ones are finance and health care records.
In addition there are VPN and other link level security methods in use
by local, state, TLA and other federal departments including the NSA,
the military, CIA, FBI... NATO.
This ill considered law would appear to require networking, storage
and communication hardware vendors to be able to provide access to such data
without knowledge of the customers security key applied to the appliance.
Other
existing law mandated exactly these features.
This law would compel Cisco, Juniper, and all system manufactures be able
to and to
open a door on a product any place it is deployed. Any continent, any
nation, any
purpose.
I am reminded of a drill sergeant barking "Jump up, give me twenty" for
doing it wrong.
What was wrong was the sergeant had yet to tell us to come down.
All point of sale devices must have a side door. All financial data. All
medical data.
A home router.. Cisco, Netgear with a home storage device now needs a
vendor access
no mater what pass word the customer sets.
http://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html
Disk vendors with single disk level encryption... Seagate or IBM when
presented with a
device serial number must make transparent any encrypted data.
http://www-03.ibm.com/systems/storage/solutions/data_encryption
This is to me a case of PTSD.
http://www.sfgate.com/bayarea/article/Feinstein-recalls-S-F-s-day-of-infamy-3260395.php
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160408/ce255c99/attachment.html>
More information about the cryptography
mailing list