Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encryption Rights Community: Protecting Our Rights To Strongly Encrypt

Posted by samzenpus on from the of-a-like-mind dept.

Lauren Weinstein writes: Around the world, dictatorships and democracies alike are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand. Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by government spokesmen of "aiding" terrorism by not making their users' communications available to law enforcement on demand. Increasingly, governments that have proven incapable of protecting their own systems from data thefts are calling for easily abused, technologically impractical government "backdoors" in commercial encryption that would put all private communications at extreme risk of attacks. This new G+ community will discuss means and methods to protect our rights related to encrypted communications, unfettered by government efforts to undermine our privacy in this context.

13 of 140 comments (clear)

  1. Don't worry about it by Sigvatr · · Score: 3, Insightful

    I can't imagine any scenarios where any government could practically restrict encryption at all.

    1. Re:Don't worry about it by w1zz4 · · Score: 4, Informative

      You cannot restrict it, but you can make it "Illegal to use", like in Cuba.

    2. Re:Don't worry about it by Anonymous Coward · · Score: 5, Insightful

      They could simply reprogram the internet to block encrypted trafic.

      Good idea - those "e-commerce" and "online banking" fads were just about done anyway.

    3. Re:Don't worry about it by Jason+Levine · · Score: 3, Insightful

      If there's one thing the government fears most of all (and no, it's not a group of citizens upset with their actions) it's a riot from companies that lobby them. Block all encrypted traffic and every online retailer (including lots of big name, big lobbying companies) would find themselves unable to conduct business online. Block encryption and banks wouldn't be able to fulfill transactions online. Block encryption and health care companies couldn't show you medical information online. All of these sectors would send lobbyists on a "Seek and Destroy" mission should any such bill ever be seriously considered.

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.
    4. Re:Don't worry about it by AmiMoJo · · Score: 4, Insightful

      Strong encryption use just makes a message stand out.

      Years ago when Bittorrent first started encrypting traffic there were loud complaints from GCHQ and MI5 about how it was making their lives much more difficult. Previously encrypted traffic stood out and helped them, but suddenly the (bit)torrent of encrypted data was making it difficult to separate interesting traffic from pirated music and TV shows.

      I'm sure they have upped their game since then, but the basic principal is sound. If everyone starts to encrypt everything all the time it becomes much harder to figure out what is interesting. It also makes them waste resources trying to store or decrypt data that turns out to be worthless. Fortunately for us more and more apps implement encryption by default.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Slight correction by reboot246 · · Score: 5, Insightful

    The first sentence in the summary needs a slight correction.

    It reads, "Around the world, dictatorships and democracies alike are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand."

    It should say, "Around the world, dictatorships and democracies with governments wanting to become dictatorships are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand."

    1. Re:Slight correction by lkcl · · Score: 3, Interesting

      It should say, "Around the world, dictatorships and democracies with governments wanting to become dictatorships are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand."

      about six or seven years ago i used to go a lot further than that, but at the time people disregarded what i said as being completely outrageous. times change.... let me reiterate it by way of parallel example.

      this sentence "Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by government spokesmen of "aiding" terrorism"

      should read "Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by terrorist spokesmen...."

      i believe it was joseph goebbels, hitler's right-hand man, who said that the way for a government to get what it wanted was to terrorise people by making them think that they were no longer safe in their own homes. that if they didn't cecede power to the goverment then someone who was beyond the ability of the government to control would possibly kill them in their own beds, or on their way to work, or would kill their children on the way to school.

      this strategy is one that governments today are fully aware of (they saw how effective it was for stalin and hitler and mussolini after all), and they are quite happy to copy it. unfortunately, when people fully trust their governments and cecede all power to them, historically we've seen how quickly things can flip to become very very dangerous. the problem is that i don't see how, when power is ever so slowly eroded in small incremental steps, it is possible to reverse that situation for people's benefit, without a very large event occurring (such as a bloody riot or a civil war). maybe it's possible now, peacefully, with the internet the way it is, and with organisations like avaaz, al jazeera, 38degrees and more: i don't really know. should we have faith in people and the way the internet works, now?

  3. If no secrets should be kept from the gov't.... by mark-t · · Score: 4, Insightful
    ... And one who has done nothing wrong should have nothing to hide, then why do government workers wear clothing while working? After all, clothes cover up the body, and if you wear them then you are keeping something hidden fom those around you. Is there something wrong with their bodies that they feel they should cover them up?

    The question is, of course, rhetorical. One generally wears clothes around other people not because there anything (necessarily) wrong with what is underneath the clothing, but because they cover something that most people consider private.

    --
    File under 'M' for 'Manic ranting'
    1. Re:If no secrets should be kept from the gov't.... by Anonymous Coward · · Score: 3, Insightful

      Within the physical world there are always ways to bypass locks if you have enough time, resources and lawyers. The government doesn't need lawyers and their time and resources are quite substantial. In this case no matter how much you want to lock something up they have a blowtorch, dynamite, nitroglycerin, or nukes to make sure they can bust it open.

      Encryption is different because they don't have enough force to break the lock. These are sociopaths that are used to getting their way and having the upper-hand in every situation so it scares them that they can't beat this. They've been handed an impossible problem and now they're throwing a hissy-fit demanding that impossible problems are illegal.

      Watching the gymnastics going on right now is quite revealing. They're going to quite some lengths to make sure they can have access. Ask yourself one question: They're throwing so much at this one lock, so how many locks have they already broken? All the things we thought were safe from prying eyes probably aren't.

      I just hope their uber spy center doesn't get hacked or the whole world is hosed.

  4. Baffling.... by Dega704 · · Score: 4, Insightful

    Lets pretend for a moment that government-mandated backdoors don't violate our 4 amendment rights eight ways till Friday and really will be only accessible to government agencies. (Background sniggering) Stay with me guys. Let's say their birthday wish is granted and all of the big tech companies implement backdoor decryption that only they can access.

    Do they really think a single @#$%ing terrorist or criminal with half a brain is actually going to use those services instead of other alternatives? Maybe the next part of their amazingly forward-thinking plan is to convince Richard Stallman to bend a knee and put a backdoor in GnuPG.

  5. The right to NOT encrypt by Anonymous Coward · · Score: 3, Insightful

    What about the right to NOT ENCRYPT everything and still have privacy? The right to expect your spook agency to work to protect your privacy right from spying by foreign countries?

    No just foreign countries too. Why should the existing government be able to spy on every up coming politician, political campaign group, journalist, MP, congressman? How is it any of the governments business to watch the communications of its citizens and opponents?

    This "you are all terrorists" ergo we spy on you, and "we are all good" ergo we spy in secret with secret laws and secret interpretations of words, how is this defendable?

  6. G+? No. by Foresto · · Score: 5, Insightful

    You had me until you said you plan to use Google+. Bye bye.

  7. Same old same old.... by erp_consultant · · Score: 5, Insightful

    This is the same tired argument used by the government to "protect us" against "terrorists". And thus the birth of the TSA and Homeland Security. Another bloated bureaucracy that has been an abject failure by every measure. Billions of taxpayer dollars wasted every year and the "war on terror" is no closer to being won than the day it started. Kind of like the war on poverty, but that's another topic for another day.

    I don't trust the government having this information and I sure don't trust them to secure it. Just ask the 21.5 million people that had their personal information stolen from government servers recently at the Office of Personnel Management (OPM). Vulnerabilities on those systems were known since 2007 and yet nothing was done to fix it. As usual, the initial breach was downplayed and otherwise covered up.

    So by my count the government:

    a) ignored reports that the data was vulnerable
    b) did nothing to protect it
    c) lied about the true scope of the attack and
    d) tried to cover it up after the fact.

    And I'm supposed to trust these clowns to have encryption back doors so they can snoop around with my private data? Not bloody likely.