Wired: The Senate’s Draft Encryption Bill Is Ludicrous, Dangerous And Technically Illiterate.

As Apple battled the FBI for the last two months over the agency’s demands that Apple help crack its own encryption, both the tech community and law enforcement hoped that Congress would weigh in with some sort of compromise solution. Now Congress has spoken on crypto, and privacy advocates say its “solution” is the most extreme stance on encryption yet.

On Thursday evening, the draft text of a bill called the “Compliance with Court Orders Act of 2016,” authored by offices of Senators Diane Feinstein and Richard Burr,  was published online by the Hill.¹ It’s a nine-page piece of legislation that would require people to comply with any authorized court order for data—and if that data is “unintelligible,” the legislation would demand that it be rendered “intelligible.” In other words, the bill would make illegal the sort of user-controlled encryption that’s in every modern iPhone, in all billion devices that run Whatsapp’s messaging service, and in dozens of other tech products. “This basically outlaws end-to-end encryption,” says Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology. “It’s effectively the most anti-crypto bill of all anti-crypto bills.”

I just have a few comments.  First of all, it should be telling to you that a republican U.S. senator, Richard Burr, is aligned with a totalitarian like Feinstein.  That’s how desperate he is for a signature piece of legislation to go with his name.  He would sooner pick an awful piece of shit like this than simply turn government control on its head and give control back to the people in every way, something that would win him immediate loyalty by the voters.  Instead, he listens to his colleagues, that collection of gargoyles, demons, pit vipers and carnival barkers in Washington.

Second, remember what I said about the government’s desire for all of your information?

Soccer moms will do anything, give over any amount of privacy, give up virtually anything, in order to maintain a level of safety and security.  ISIS and nuclear power plants is the latest incarnation of the whole ISIS thing generically.  The government gets a chance to say, “Hey, listen to us, we’ll protect you if you’ll only give us access to your iPhone, all of your records, bank accounts, medical data, tell us whether you have any guns in the home, let us listen to and record your phone calls and all of your text messages, and in short be your protector.  We’ll take care of you, we promise!  We won’t let the mean bad men make the big bad thingy go BOOM and hurt your precious little babies!  Let me have the keys to your life, sweetie!”

Burr is taking advantage of ignorant soccer moms who believe that American national security will be better off if they give over their lives to the federal government and give up their constitutionally protected right to privacy.  Because Burr is just that kind of man.  Remember that he is the worm who said he would vote for Bernie Sanders before he would vote for Ted Cruz.  He is a terrible, horrible, no good, very bad U.S. senator.

I’m not going to get detailed in why I am saying what I am about to say.  Go and read this post – Encryption Via A One-Time Pad – at Dan Morgan’s place.  Also, all of this is courtesy of Mosby via WRSA.

The post is interesting, especially the more rudimentary methods of communication, which I think are far superior to the high tech methods.  Then again, this kind of stuff is interesting to me, and perhaps few others.  I suspect that this kind of thing would be useful under certain circumstances, but not me, and not right now.

If I had ever wanted to be anonymous, that ship left port years ago.  I have been tracked by CIA, NSA, FBI, DIA, DHS, Department of State and *.mil network domains ever since I posted real examples of the sinfully restrictive ROE in Iraq and Afghanistan (from folks who were there).  I’ve seen it from network domains that visited my site.  Eventually, I lost interest in that and simply assume that I’m being watched all of the time on everything.  Again, that horse left the barn a long time ago.  I cannot ever be anonymous again.  I have given some thought to how I might return to normal life again, but only thoughts.

But regarding the post on encryption, the issue of random number generators comes up.  Morgan says some of the random number generators are “pseudo-random number generators.”

I have to get all pointy head here, and I fear that the more I do this, the larger the chance is that I give away who I am and what I do.  I just want to keep that separate from my blogging if I can.  But here it goes.  There are guys who do their entire post-doctoral work on developing random number generators at the National Labs for Monte Carlo computer codes.  There are tests for randomness – ten in all the last time I read the papers and listened to the presentations.

Listen.  All random number generators are pseudo-random number generators.  None are truly random.  With a given random number seed, a random number generator will generate the same sequence of numbers every time it is launched.  Monte Carlo computer code users are constantly aware of whether they are exceeding the random number stride with any specific calculation.  There are tricks used as work-arounds if they do, such as choosing a random number seed that happens to be different than the default value, or different than the one they chose earlier.  But the simple question is this: Do you understand that you cannot just launch the application and assume that you get “random numbers?”

But also listen to me on this.  The folks that propose to rule us have access to all of these random number generators.  If you use a random number generator like it’s a black box and generate the same sequence of “random numbers” every time you use it, your communications will become predictable.

What’s the point?  Just be aware that you cannot use a piece of technology as a black box.  You have to be at least semi-educated in order to make proper use of any technology, and don’t assume that you are any more than one step ahead of your opponent, even if you’ve changed what you did since the last time you did it.

Okay.  End of pointy head lecture.