Trump's pick for attorney general is in favor of putting backdoors in encryption.
Blink and you'll miss it. Most people did. The statement was buried at the end of a confirmation hearing last week of Jeff Sessions' (R-AL), who if confirmed will take the helm at the Justice Dept. under the new administration.
The Electronic Frontier Foundation published Sessions' written transcript on Monday.
In it, lawmakers recounted when NSA chief Mike Rogers, whose agency is responsible for creating strong crypto and exploiting it for intelligence gains, said that "encryption is foundational to the future."
To which Sessions responded with:
"Encryption serves many valuable and important purposes. It is also critical, however, that national security and criminal investigators be able to overcome encryption, under lawful authority, when necessary to the furtherance of national-security and criminal investigations."
Bzzzt! Wrong answer.
So far it's a fairly poor score on cybersecurity for the Trump administration.
Arguably as head of the Justice Dept., Sessions' advocacy of encryption backdoors isn't such a foolish idea -- given that it would help his department's agencies, including law enforcement, carry out investigations.
What Sessions doesn't reconcile is that if law enforcement can punch a hole in the security of the toughest phones, so can hackers.
And that's the core argument of almost every security researcher and expert you'll ever talk to, because you can't have a backdoor "just" for law enforcement.
There is no such thing as a secure backdoor. Period.
And yet it's the never-ending discussion that lawmakers without a shred of expertise in the cybersecurity field just can't seem to get their heads around.
Last year, over a dozen of the world's foremost cryptographers and security researchers begged the then-Obama administration to stop flogging a dead horse despite decades worth of debate. It wasn't a good idea then, and it isn't a good idea now. And yet, the government didn't listen (as the Clinton administration didn't either back when this was being argued in the late-90's) and pursued it anyway.
That didn't stop FBI director James Comey from trying to set a game-changing legal precedent that could've unraveled trust in Silicon Valley tech companies by pushing the courts to force Apple to build a backdoor for its own products.
The iPhone and iPad maker refused to help. The FBI ended up cracking the device in question anyway, but refused to tell Apple how it did it.
Per sister-site CBS News, Comey is expected to stay on as head of the agency -- so we can probably expect more in the backdoor department in the coming years.
Thanks to the FBI's actions, leading Democratic senator Dianne Feinstein (D-CA) pushed a bipartisan bill that would force tech companies to comply with all warrant and court orders -- even if that means cracking open their own encryption or security features to help law enforcement, a move that was widely criticized.
After a committee shake-up earlier this year, Feinstein was replaced by Mark Warner (D-VA), whose position is to protect encryption rather than weaken it.
Along with long-time privacy advocate Ron Wyden (D-OR), who opposes any kind of mandated encryption backdoor, these two Democrats might be the biggest barrier to any advancement on the issue by the Trump administration.
Sessions is expected to be confirmed as attorney general later on Tuesday.