November 17, 2015

U.S. state and federal law enforcement officials appear poised to tap into public concern over the terror attacks in France last week to garner support for proposals that would fundamentally weaken the security of encryption technology used by U.S. corporations and citizens. Here’s a closer look at what’s going on, and why readers should be tuned in and asking questions.

encryptedeyeDespite early and widely repeated media reports that the terrorists who killed at least 128 people in Paris used strong encryption to disguise their communications, the evidence of this has failed to materialize. An initial report on Nov. 14 from Forbes titled “Why the Paris ISIS Terrorists Used PlayStation4 to Plan Attacks” was later backpedalled to “How Paris ISIS Terrorists May Have Used PlayStation 4 to Discuss and Plan.” Turns out there was actually nothing to indicate the attackers used gaming consoles to hide their communications; only that they could do that if they wanted to.

Politico ran a piece on Sunday that quoted a Belgian government official saying French authorities had confiscated at least one PlayStation 4 gaming console from one of the attacker’s belongings (hat tip to Insidesources.com).

“It’s unclear if the suspects in the attacks used PlayStation as a means of communication,” the Politico story explained. “But the sophistication of the attacks raises questions about the ability of law enforcement to detect plots as extremists use new and different forms of technology to elude investigators.”

Also on Sunday, The New York Times published a story that included this bit:

“The attackers are believed to have communicated using encryption technology, according to European officials who had been briefed on the investigation but were not authorized to speak publicly. It was not clear whether the encryption was part of widely used communications tools, like WhatsApp, which the authorities have a hard time monitoring, or something more elaborate. Intelligence officials have been pressing for more leeway to counter the growing use of encryption.”

After heavy criticism of the story on Twitter, The Times later removed the story from the site (it is archived here). That paragraph was softened into the following text, which was included in a different Times story later in the day: “European officials said they believed the Paris attackers had used some kind of encrypted communication, but offered no evidence.” To its credit, the Times today published a more detailed look at the encryption debate.

The media may be unwittingly playing into the hands of folks that former NBC reporter Bob Sullivan lovingly calls the “anti-encryption opportunists,” i.e., those who support weakening data encryption standards to make it easier for law enforcement officials to lawfully monitor people suspected of terrorist activity.

The directors of the FBI , Central Intelligence Agency and National Security Agency have repeated warned Congress and the technology community that they’re facing a yawning intelligence gap from smart phone and internet communication technologies that use encryption which investigators cannot crack — even after being granted the authority to do so by the U.S. courts.

For its part, the Obama administration has reportedly backed down in its bitter dispute with Silicon Valley over the encryption of data on iPhones and other digital devices.

“While the administration said it would continue to try to persuade companies like Apple and Google to assist in criminal and national security investigations, it determined that the government should not force them to breach the security of their products,” wrote Nicole Perlroth and David Sanger for The New York Times in October. “In essence, investigators will have to hope they find other ways to get what they need, from data stored in the cloud in unencrypted form or transmitted over phone lines, which are covered by a law that affects telecommunications providers but not the technology giants.”

But this hasn’t stopped proponents of weakening encryption from identifying opportunities to advance their cause. In a memo obtained in August by The Washington PostRobert Litt, a lawyer in the Office of the Director of National Intelligence, wrote that the public support for weakening encryption “could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.”

To that apparent end, law enforcement officials from Manhattan and the City of London are expected on Wednesday to release a “white paper on smartphone encryption,” during an annual financial crimes and cybersecurity symposium at The Federal Reserve Bank of New York. A media notice (PDF) about the event was sent out by Manhattan District Attorney Cyrus R. Vance Jr., one of the speakers at the event and a vocal proponent of building special access for law enforcement into encrypted communications. Here’s Vance in a recent New York Times op-ed on the need for the expanded surveillance powers.

Critics say any plans designed to build in secret “backdoors” that allow court-ordered access to encrypted communications ultimately would backfire once those backdoors were discovered by crooks and nation states. In her column titled “After Paris Attacks, Here’s What the CIA Director Gets Wrong About Encryption,” Wired.com’s Kim Zetter examines security holes in the arguments for weakening encryption.

The aforementioned Bob Sullivan reminds us that weakening domestic encryption laws would simply ensure that the criminals we wish to monitor use non-US encryption technology:

“For starters, U.S. firms that sell products using encryption would create backdoors, if forced by law.  But products created outside the U.S.?  They’d create backdoors only if their governments required it.  You see where I’m going. There will be no global master key law that all corporations adhere to.  By now I’m sure you’ve realized that such laws would only work to the extent that they are obeyed.  Plenty of companies would create rogue encryption products, now that the market for them would explode.  And of course, terrorists are hard at work creating their own encryption schemes.”

“There’s also the problem of existing products, created before such a law. These have no backdoors and could still be used. You might think of this as the genie out of the bottle problem, which is real. It’s very,  very hard to undo a technological advance.”

“Meanwhile, creation of backdoors would make us all less safe.  Would you trust governments to store and protect such a master key?  Managing defense of such a universal secret-killer is the stuff of movie plots.  No, the master key would most likely get out, or the backdoor would be hacked.  That would mean illegal actors would still have encryption that worked, but the rest of us would not. We would be fighting with one hand behind out backs.”

“In the end, it’s a familiar argument: disabling encryption would only stop people from using it legally. Criminals and terrorists would still use it illegally.”

Where do you come down on this debate, dear readers? Are you taking advantage of the kinds of technologies and services — like Signal, Telegram and Wickr — that use encryption the government says it can’t crack? Sound off in the comments below.


111 thoughts on “Paris Terror Attacks Stoke Encryption Debate

  1. Mike Gale

    I wonder if these guys in the security establishment realise that they come across as enemies of western civilisation?

    I encourage people to roll their own encryption. It’s very easy to do with a little work up front.

    1 Create your PGP / GPG keys
    2 Find somebody who’s doing the same (the hard bit) and swap public keys
    3 Encrypt your text emails (for example using GPA which comes with GPG4Win)

    If you do that you’re free of dependence on GUI’s and people you don’t know.

    If you’re in business it seems a no-brainer to me.

    1. Francois

      Or use something like protonmail.ch, which is much easier than PGP.

      1. Jimmy P

        OTR on top of any IM client??? Many many ways to skin this cat. They need to stop blaming encryption and start blaming political correctness and way too tight rules of engagement.

      2. Allan Ewing

        @François: Using Protonmail probably is a very bad advice. Initially, they collected SFr 500,000 and after the first DDoS attack, they paid the ransom. When they got another DDoS attack, they collected within two days SFr 50,000. In my opinion, the Protonmail operators are crooks and I would not be astonished if they were behind the DDoS attacks, just to make some money. Which they did. And now, they said, they worked together with government? Which government? On what? In a newspaper article, the fact that Protonmail paid the ransom was deliberately omitted. They are e-mail harvesters and crooks. Stay away from them.

        1. Francois

          @Allan I wasn’t there so I can’t speak about their true intentions, but according to all reports, they didn’t want to pay until they were pressured by other businesses that were also affected by the DDOS. Your claim that they are crooks is somewhat a pessimistic and paranoid opinion for which you have no evidence to support.

    2. anonymous

      Perhaps it’s language – but “roll your own” does not mean cut and exchange keys. It means writing your own algorithm. The security is not in the algorithm, for which the best encryption has been “publically” vetted. The security is in selecting the best key, and keeping the secret key secret.

    3. Mike Turner

      Six of the top e-mail encryption service providers were taken down by DDOS attacks in the week November 4th – 11th preceding the terrorist attacks in Paris and Beirut – not to mention the foiled attempt in Istanbul. Some of these DDOS attacks were attributable to State actors rather than mere kids playing around. It is probable that such a concerted effort to shut down encrypted communications all at the same time were for a reason. One can speculate that there was intelligence being gathered on some imminent acts of terrorism, and the security service agencies desperately needed to ensure maximum interception rates to prevent loss of innocent civilian lives numbering in the hundreds.

      The six services that were temporarily shut down, with links to their responses, were
      * Protonmail Nov 5-9 https://twitter.com/Protonmail
      * VFEmail Nov 5-8 http://www.vfemail.net/ tweets
      * Neomailbox Nov 4-7 https://blog.runbox.com/
      * FastMailFM Nov 8-9 http://www.fastmailstatus.com/
      * Hushmail Nov 7 https://help.hushmail.com/entries/107539976
      * Runbox Nov 5-7 https://twitter.com/Runbox

  2. Francois

    I wonder if the general public will hear you Brian and other people that are speaking with common sense. I sure hope so.

  3. John Moe

    Two of those links (Signal and Wikr) open a page Open Whisper Systems. I’m not clear about what this means.

    John

  4. Columbus_viaLA

    More than ever, I fear my own government and its metastatic intrusiveness more than I do any terrorists.

    1. Random

      This, a thousand times this.

      The same crap has been spewed by the government – with the encryption aspect of it in particular coming from the various heads of the FBI – since 9/11, and it’s all BS through and through.

    2. Nikon1

      Well said – And, I totally agree with your views. Makes me glad I’m on life’s final glide path – though, hopefully, with another 15 or so years left – and no heirs to worry about.

  5. Paul S.

    Strong encryption could provide a false sense of security if feds find ways to attack end-points. For instance, use big data and traditional intelligence to narrow search and then use side channel attacks, etc. Also, they can gain the advantage if and when quantum computing brakes math-based encryption. For now, it’s a race.

    1. JCitizen

      Do it like the crooks to it – they seem to have a lot of success! But Paul! That would mean they’d have to have the same intelligence as the typical cracker crook. They’d have to pick their targets and have a brain. The governments just want to do it the lazy way, and watch every body at once. That’s the stupid way, and requires finding what is worse than a needle in a haystack!

      Besides, nations were able to gather intelligence, long before wire and radio came along, and they did just fine back in history – but they used actual gumshoe “intelligence” instead of this farcical attack on freedom itself. Attacking freedom is just what the evil ones want. If it were me, I’d take advantage of the new 3D printed insect armies that can be spread in areas where plans are obviously been hatched and gather information with that robot army. An en masse invasion of such pests, would cause a wave of terror on the terrorists, but they could not stop all the data from getting back to the good guys. I salivate at the opportunity to create complete havoc inside ISIS!!! To them, it would seem no where would be safe – every head would swivel to see what new spy were flying into their fart sacks! HA! 3:)

  6. James Clements

    Two thoughts, first, outlawing encryption, or weakening it, reminds me of prohibition, but instead of smuggling whisky people would be selling access to illegal sites where you can store your data privately, and second, the saying “when you outlaw guns only criminals will have guns” can be changed to “when you outlaw encryption only criminals will have strong encryption”.

    1. Nobody_Holme

      Outlawing guns reduces the NUMBER of criminals with guns.

      Obviously, it would similarly reduce the number of criminals with encryption, were it to be outlawed.

      While there’s much less gun crime in countries with strong controls, there’s also still some.

      I feel like the analogy isn’t actually good, but it also is making me reconsider WHY my stance on guns is so diametrically opposed to my stance on encryption, when I don’t actually have anything to hide in as much as the saying goes.

      1. capnkrunch

        I’ve often wondered this myself. There’s a couple things I’ve come up with.

        Legitimate use. There really isn’t one for guns. Sure there’s recreation but that is a weak argument. Use for self defense is a myth. You are actually more likely to be injured or killed if you confront an armed criminal with a gun [1]. And the argument for it being a defense against authoritarian government is a joke. Your assualt rifles mean jack squat in the face of an organized military.

        Encryption has legitimate uses. It protects our data. It also serves as a safeguard for freedom of speech because knowing that the government can read anything you say has a chilling effect. And when it comes to keeping our government in check the First Amendment is infintely more important than the Second.

        Non-criminal use. Gun control doesn’t just stop homicide but it is a very effective suicide prevention measure as well [2]. Add to that lives saved by preventing accident shootings and you can see that even just taking guns away from honest, lawabiding citizens has a positive impact. Honest use of encryption on the other hand does not endanger lives.

        Ease of access. Controlling a physical product is much more feasible than controlling a digital one. You can’t roll your own firearms (without significant effort at least) but since the algorithms are well known you can roll your own crypto.

        [1] http://www.sciencedirect.com/science/article/pii/S0091743515001188
        [2] http://www.crisis.org.cn/UploadFile/ReadParty/10-Restriction%20of%20access%20to%20methods%20of%20suicide.pdf

        1. capnkrunch

          Oops. First reference should’ve been this:
          http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2759797/

          However, the Science Direct link does bear out that guns do not protect from either bodily harm or property loss. On the other hand, properly used encryption can and does provide strong protection against property loss. The LastPass breach in particular comes to mind. Imagine if the PBKDF2 algorithm they used had a backdoor or they were forced to do key escrow.

    2. bob

      Criminals already have guns. Gun control is about stopping the ease of access and ubiquity of guns.

      However much the NRA nut jobs witter on, they’ve never managed to produce any decent evidence that citizens with guns mitigate in any way the actions of criminals with guns.

      The problem is that citizens with guns are very good at killing themselves, their kids, random strangers and not-so-random strangers particularly if alcohol is involved.

      Given that there’s no good reason to own a gun designed for killing people and lots of reasons against owning a gun designed for killing people it would save a lot of lives if such guns were banned.

      With crypto OTOH, there is no crypto battle between citizen and criminal. Both are using it to protect their interests.

      If I always use https when googling, it’s not necessarily because I’m protecting myself from criminals. I might be hiding: my sexuality; salary; intention to change job; actions theoretically protected by whistleblowing legislation; intention to leave an abusive partner; the suprise present I’m buying someone; intention to illegally protest my government; immoral but not illegal actions; etc.

  7. Robert

    I use Signal everyday for all messages that are sensitive. Also use iMessage which Apple claims to not be turning over information to the “authorities”. Between that, VPN’s on all devices, full disk encryption with TruCrypt and FileVault2 I try to keep my communications between the intended recipients.

    John Moe Signal and Wikr just replaced TextSecure. Both of which were developed by Moxie Marlinspike as was CryptoCat. Later purchased/formed into Whisper Systems. @moxie is a good dude, been in the scene for many many years.

    1. x

      I suspect by Wickr, you meant RedPhone.

      Brian updated the link for Wickr.

  8. Ben

    The rhetorical question at the very end of your piece can be nothing more than that for anyone sane and wary enough to see what’s been happening over the last decade. The US were first and Europe followed to cut back more and more on basic civil rights. Surveillance laws have been absurdly strechted in ways which were hard to imagine ten years back. What did they get from it? Nothing. LE still are not able to prevent events like Paris despite billions of dollars each year, yet virtually all citizens are subject to surveillance in one way or another. It’s a grim feeling nobody wants. It’s definitely a case of giving up our freedom for some sort of false security. The terrorists have won if we don’t manage to turn this back. Additionally, the billions spend on electronic surveillance go at a cost of traditional police work. In most areas in Europe they still cut down on police staff and equipment and instead shift resources to secret services. This is all so wrong. Decryption has never been more important than nowadays.

  9. Michael

    I think it’s time for the US citizens to seriously have a look at the people representing them. IT is such a big thing today, yet the people writing the rules/regulations around them are just about to fossilise. If your rep supports weakening your right to privacy so that they can catch criminals, get their but out of your gov. You would truly have to be foolish if you believed that weakening security will stop those who wish to use it for evil.

    Let’s just pretend that they could create the perfect back door which maintained everyone’s privacy without incident (you might have to pretend really hard). Ok, so now criminals are no longer paying for US based services for their illicit activities. That’s some money leaving US companies and moving elsewhere. And just how much would it cost to build all this.

    Sounds like a good way to waist millions and gain nothing, have they not learned anything from the countries who introduced meta-data retention laws?

  10. Belgium Comisioner

    Of course, the sony playstation 4is very diffiult track the communications packets between gamers.

    1. JCitizen

      According to what I heard on cable news, it isn’t even encrypted traffic, it is just that in a mesh network(I’m assuming) it is hard to determine who did or said what, and there is so much noise in such busy traffic, that it all melts into the background. Sounds like a perfect communications medium to me. I never thought I’d ever see anything Sony that promoted freedom.

      The authorities just need to use real intelligence to gather information and quite wasting billions of dollars looking for tid-bits in the tons of data. I feel they’ve already set themselves behind for the last 10 years!

  11. Bart

    In their calls for weakened encryption Brennan and Comey seem to be operating under the “Never let a crisis go to waste” theory.

  12. Ben

    BTW Brian, in your newsletter you’re recently adverstising cyber security webinars. I’ve been watching the one on counter threat operations today and I’ve got to tell you, that was pretty boring stuff. Basically just advertising their company: Recorded Future. You probably know they’re backed by In-Q-Tel and naturally take a strict view towards encryption regulary releasing papers trying to back goverments point of view. Certainly not the sort of company I’d advertise.

  13. JJ

    These are the same type of people who want to take away the rights of citizens to own firearms. The message may be different but the intent is the same.

    Another thought – if ISIS and other terrorist/criminal organizations are so adept at using encryption – then why the heck is government and big businesses so inept at protecting our personal data that keeps getting compromised because it’s not encrypted?

    1. SeymourB

      Unfortunately it’s not quite that black & white

      There are plenty of people who clutch their guns tightly to their chest while simultaneously calling for weak encryption. If it was as cut & dried as you state then congress would be overwhelmingly in favor of strong encryption, and most are clearly on the fence if not against of it.

      Some of the congresscritters asking for gun control legislation to be adequately enforced again (in effect undoing earlier acts of congress that prevented enforcement of existing laws) are the very same ones defending strong encryption.

      Maybe its time we all stop viewing things through a red/blue lens.

  14. Stephen

    Brian, your argument sound very familiar. To quote the NRA, “You take away the guns of law abiding citizens and only criminals will have guns”.

  15. who

    Anyone who’s ever bought anything, used a bank, or surfed the internet, has used strong encryption whether they knew it or not… Why does everyone in government want to cause a commercial and financial apocalypse so badly? Is stupid a prerequisite to governing?

  16. Omar

    Brian if you don’t stand for the truth who will ? You are the only who give us complex information on technology in a easy to digest way so I fear you will be a target by the government sooner or later! Are you willing the price for standing for the truth?

  17. Chris P Bacon

    This just another lame attempt to blame Ed Snowden by saying that encryption needs back doors even more because he had some how caused the terrorists to change their tactics due to his revelations

  18. John 2.0

    Maybe governments should take a course in hacking and countermeasures. Encryption is a valuable tool but it’s only as strong as the infrastructure behind it….

  19. David G

    Masked communications have been around for thousands of years. The CIA/NSA types will try and use Paris to get into our underwear of they think they can. What they don’t want to tell anyone is that the real issue is their lack of investment in technology to dramatically advance their capability to break encrypted data. The 99.999% of us, as law abiding citizens, do not abuse encryption and need it to remain safe on the internet. Can you imagine doing an unencrypted Facetime with children or grandchildren with all the trolls out there looking for it? Give me a break. The thugs will care less about restricted encryption. They’ll write their own. I swear the people in government are just plain stupid!

  20. Jimmy P

    Instead of going after Guns and Encryption maybe government should start going after criminals and terrorists.

  21. Vince Taylor

    Has anyone set up a petition to protest government weakening of encryption standards? If so, a link would be appreciated.

  22. Jethro

    It’s a broken record to me. The government has always threatened encryption and privacy with a multitude of different controversial issues. The Target breach, the Silk Road Crackdown, 9/11, and now Paris to name just a few. This won’t end anytime soon, and I’m sure Edward Snowden is receiving the brunt of it right about now. The Government is simply using the prison mentality when it comes to these circumstances. One bad egg and the whole block pays for it too. I hope the Tech Giants don’t back down and stay firm on their promise to deliver to their customers – but what confuses me is, haven’t these corporations in a way, already done so, via operation PRISM?

  23. Sam

    Lazy members of the intelligence community don’t want to have to work for their salaries but rather have everything handed to them on a silver platter. Look boys and girls it’s real simple you play by the rules, get your warrants to bug the communications systems of the suspects at the source before it gets encrypted and shipped, and present your legally obtained evidence in court.

    The days of sitting back and generating leads and stats from unencrypted chatter while you munch doughnuts and schlurp yer coffees are over you need to get off yer duffs and employ some elbow grease.

    At this point the mathematical genie is out of the bottle and only a fool could believe it possible to reverse that.

  24. B_Brodie

    the ‘trrsts’ play us like a fiddle and we come panting like pavlov’s dog.

    what do they want: the majority of the muslims to join their cause and to strike fear into the hearts of the west.

    how do they accomplish this? 9/11 attacks, paris attacks, 7/7 london attacks, etc

    that way, the west does the trrsts dirty work for them: make westerners so fearful that they alienate the ‘outsiders’, driving the outsiders into the arms of the trrsts.

    in the meantime, the spies and spooks get to peep in our private places because we let them. notice all those security cameras since 9/11? feel any safer this week? I thought not.

    and the military manufacturers book orders for guns and ammo

    and ultimately nobody is safer.

  25. Mark Strelecki

    Just wanted to say THANK YOU for being the catalyst we need to get attention and awareness of all those cool things you make your passion. The Internet still has the potential to be the great leveler, helping concerned citizens make sense of the media pablum and see through the factual prestidigitation that bombards us on an daily basis. You are a wonderfully significant contributor to the potential of the Internet, and I respect and commend your efforts without reservation. Excelsior, my friend. By all means, keep up your stellar work.

  26. Chris Nielsen

    I don’t think we need to have one or the other. The encryption companies should work with the government in ways that still largely provides privacy. There are known terrorist keyword “red flags”. Vendors should work with the gov so their applications monitor how they are being used. When something triggers a red flag, the company or the gov directly could be notified that the parties involved need to be monitored as suspicious. The application could transmit it’s IP address at the very least so authorities could start investigating.

    The other option could be to take samples of communications and send them to the company unencrypted so they can be examined. If there is something questionable, the gov could be notified. That could be automated.

    I think a back door could be created in such a way that it would not be hackable. And the method changed periodically so that any “key” that was compromised would not work for very long.

    But I think we all need to keep in mind that if people want to communicate in secret there are million ways of doing that on-line and of course off-line.

    As for the future, just look to the science fiction genre. Going back you can see much of the present has been predicted in one form or another. I’m not happy about it, but national ID cards and maybe one world government could be closer than we think.

    1. Jeff

      Chris Nielsen wrote: I think a back door could be created in such a way that it would not be hackable.

      That’s brilliant! Why didn’t Target think of that before their system was breached? Or OPM, or Allied Health, or any of the other organizations that were breached in recent years? If only they’d had the foresight to make their systems not be hackable, none of this would have happened.

      See how silly “not hackable” sounds when you think it through?

  27. CooloutAC

    Weren’t some of these terrorists already on a watch list? One of them even had his parents begging the gov’t to do something about their radicalized son. Doesn’t seem to have helped… These terrorists were supposedly all together in belgium why would they need playstations lol. I think the bigger problem is the same reason the USA got hit with 9/11. Different agencies failing to share information is the root problem. It even happens within diff ISP departments. Its not that they are missing intelligence, its the fact the intelligence they already have gets ignored or misunderstood. Mass surveillance only overhwhelms them and exacerbates these problems.

    And I definitely agree that banning encryption would mean only criminals would be using it. Definitely related to what an above poster said about “Outlawing guns means only outlaws would have guns” I really have a hard time believing that creating backdoors into encyryption programs would have helped to stop these terrorist attacks the same way that current proposed gun regulations wouldn’t have stopped 90% of the past mass shootings in the US.

    On one side the avg user with computers and phones have cyber thiefs and criminal peeping toms spying on them and their families(more often then people are willing to believe), and on the other side an overzealous government spying on them just as much because they consider them guilty before innocent. Its getting scary. Its like Hoover and the Mob all over again except worse, because corporations, whose only motive is a profit motive, are getting granted rights over and above individual citizens more and more, while individual citizen rights are getting taken away. It seems its more about protecting big business money then stopping crime.

    On a personal note, a public bouncer i’ve been using for many months to connect to irc just banned me this weekend for using tor. Even though I had told them in advance I would be using tor since they don’t offer ssl, and that I register an account on freenode and irc networks using the same name, and I am not trying to be anonymous. It was never a problem, now I mysteriously get banned this weekend out of the blue for proxy use? I use to blame malicious hackers and spammers for killing online community services and industries, now it seems businesses and governments are becoming just as bad.

    Criminals, especially when not involved in cyber crime, don’t need electronic communications to plan or commit their crimes. This has been a common sense fact for over 50 years and most know better then to use it. The main pieces of information that hurt the mob during the Gotti years was not from bugging phones or stealing personal documents… It was from bugging rooms and recording face to face conversations with on the ground surveillance.

  28. Chris

    This issue of encryption is just a distraction from the real problem of anti-terrorist organizations failing at their job. Even if terrorists had completely secure communications, they couldn’t function without committing overt acts that can’t be “encrypted” to hide their nature. Stockpiling explosives and blasting caps, assembling bombs, gathering fully automatic guns and ammunition are actions that can be observed. Transporting terrorists and their weapons happens in the physical world, not online. This is where the interdiction must take place.

Comments are closed.