The last person San Diego should trust with their computers and smartphones is District Attorney Bonnie Dumanis.
Last week, Dumanis joined district attorneys in Los Angeles and Manhattan in supporting a fundamentally flawed Senate proposal they’re trying to brand as the National Technology Bill. If anything, the legislation sponsored by Sens. Richard M. Burr and Dianne Feinstein is an anti-technology bill, since it would require tech companies to weaken the security of their products and break encryption meant to protect their customers.
Dumanis and her colleagues argue that this bill would assist law enforcement, but they fail to mention the cost: the safety of all Americans’ data.
One needs only look at Dumanis’ track record on technology to understand that the district attorney is not credible on this issue.
In 2012, Dumanis spent $25,000 in public money on 5,000 copies of a piece of “parental monitoring” software called ComputerCop. This CD-ROM, which was distributed to families throughout the county for free, included a video from Dumanis promoting the program as the “first step” in protecting your children online.
This first step, however, involved parents installing keylogger software on their home computers. This type of technology is a favorite tool of malicious hackers, since it captures everything a user types, including personal information such as passwords and credit card numbers. Not only did ComputerCop store keylogs in an unencrypted file on the person’s computer, but it also transmitted some of that information over unsecured connections to a mysterious third-party server. If your child was sitting at a coffee shop, connecting a laptop with ComputerCop to an open Wi-Fi network, any two-bit hacker, identity thief or cyber-bully could snatch what your child typed right out of the air.
We Stand Up For You. Will You Stand Up For Us?
While sympathetic to the competitive dimensions of the technology companies' position, I do think the law enforcement position has merit too. The author seems to think that a court ordered warrant consistent with the Fourth Amendment is an invasion of privacy rights. That the companies have the ability to encrypt, does not mean that the societal costs of such technology do not weigh in the legal and moral equation. Constitutional law provides for few absolute rights. Are we truly prepared to say that suspected murderers, rapists, terrorists etc...have the right to conceal the evidence of their crimes in all cases? I am not a fan of Bonnie Dumanis yet I can't categorically dismiss the public safety arguments.
Dumanis imprisoned a man because of his song lyrics. She is a horrible person and wrong about everything.
By Darren Chaker, http://darrenchaker.us, I typically post on TOR and give talks about cyber security, but could not resist to comment : Here's the plan folks: when USA manufactured encryption is weakened, simply buy Russian, or any of the "546 encryption products from outside the US" per encryption guru Bruce Schneier. See, https://www.schneier.com/.../2016/02/worldwide_encry.html Besides the hype, the fact is the bill will never pass, but good to keep your options in mind!
On this note, and in honor of those who want to attack our privacy, I would suggest:
1. Use a PIN, at least 6 digits for our phone and turn on encryption; do NOT use finger print to get in your phone as you can be forced to swipe your finger (mixed cases say yes and no, currently before the Ninth Circuit).
2. Encrypt your computer's hard drive - BitLocker is good for Windows (Windows 10 Pro comes with it - do NOT save back up pass-phrase to Outlook email as it provided this option - and do not write it down), BestCrypt is one of my favorites. Apple computers and tablets (as well as Android tablets) come with encryption, so turn it on. Once encrypted, the hard drive is a useless brick - just be sure your pass-phrase (aka password) is complex.
3. Use a history wiping utility - CCleaner is free and a good product for the typical person to wipe internet history, delete digital tracks, and wipe hard drive at least once a week; CyberScrub or East-Tec do the same, but with additional options, and are cheap ($20-60 range).
4. Encrypt (WPA2) your WiFi connection with a password (do not use the factory PW); if you want ultra security, get a secure router, I use Sophos.
5. When using free WiFi, use a Virtual Private Network (VPN) - this secures your info when away from home, and prevents the coffee shop selling your browsing data to third parties - remember - if it's free - YOU are the product. It also prevents someone with technical know how from viewing your internet activities; and
6. Go into your Google settings, and pause all search history, YouTube viewing history, location history, etc. While at it, delete the history too. If you like everything you do to be archived and available, that's cool too. You decide your privacy fate.
The above is the tip of privacy iceberg. It's not everything one needs to do, but it is a lot more than most do. Keep in mind, doing the above helps protect the common folks, to the corporate executive whose computer is taken by a foreign company who wants to salvage corporate secrets from it.
I take it that the constitution no longer applies, and we've been stripped of our rights..
The ignorance on display here would be hilarious if it wasn't so dangerous.
These are the clowns people trust to keep them safe?
All the encryption bill would accomplish is end Internet banking and Commerce as we know it.
It would Force communication app developers to move outside US jurisdiction or close shop.
This is an absolutist argument, there are no comprises to encryption, you're either secure or you're not.
If the Government attempts to ban math, there are a Dozen end to end encryption apps outside of US jurisdiction on the Internet now. At the pace in which government moves there will be 100's by the time they could ban math in America.
Ms Dumanis may be a fine lawyer, but how is it that we trust her and Sen. Feinstein to make technology decisions for us, rather than someone with credibility in the field? If I, an experienced engineer, told Ms D how to prosecute, I doubt she would listen to me...
And have Ms D & Ms F not realized that if those mythical backdoors are created, then their private work and personal information be cracked by whoever is interested. Do yo think Ms Dumanis and her staff ever send emails or texts or makes cell calls regarding investigation? Wouldn't a criminal element love to know what she says? Or maybe those elements already do, since CURRENT technology isn't as secure as it could be.
If you care about this, even a little, urge your legislators to vote NO on any such bills, and look into using WhatsApp for you private phone and texts. BTW, you know email is insecure by design, right?