Jimmy Wales and Former NSA Chief Ridicule Government Plans To Ban Encryption

Mickeycaskill writes: Jimmy Wales has said government leaders are "too late" to ban encryption which authorities say is thwarting attempts to protect the public from terrorism and other threats. The Wikipedia founder said any attempt would be "a moronic, very stupid thing to do" and predicted all major web traffic would be encrypted soon. Wikipedia itself has moved towards SSL encryption so all of its users' browsing habits cannot be spied on by intelligence agencies or governments. Indeed, he said the efforts by the likes of the NSA and GCHQ to spy on individuals have actually made it harder to implement mass-surveillance programs because of the public backlash against Edward Snowden's revelations and increased awareness of privacy. Wales also reiterated that his site would never co-operate with the Chinese government on the censorship of Wikipedia. "We've taken a strong stand that access to knowledge is a principle human right," he said. derekmead writes with news that Michael Hayden, the former head of the CIA and the NSA, thinks the US government should stop railing against encryption and should support strong crypto rather than asking for backdoors. The US is "better served by stronger encryption, rather than baking in weaker encryption," he said during a panel on Tuesday.

The money quote

[squiggleslash]

Hayden said that losing the first Crypto War on the Clipper Chip did not stop the US government from obtaining the information it needed.

âoeIn retrospect, we mastered the problem we created by the lack of the Clipper Chip,â he said. âoeWe were able to do a whole bunch of other things. Some of the other things were metadata, and bulk collection and so on.â

So... "don't ban encryption, we don't need to!"

Re:The money quote

The members of government that want to ban encryption simply do not understand the information enterprise. They were born and raised in a world where that was not a part of their day-to-day mindspace, so they fundamentally don't get it. They especially don't understand how important it is for ordinary commerce, and the economy as a whole.

Government is always about a decade or two behind current technological trends, and often passes laws that do great harm and no good because of this. Eventually (10-20 years too late) those laws usually get corrected. But in an age where technology progresses as fast as it does today, a 10-20 year lag can be extremely painful.

Re:The money quote

[Impy+the+Impiuos+Imp]

I was under the impression the Supreme Court had already ruled you can encrypt as the encrypted message is protected speech, too.

That should be the case if not, but I do remember reading that. This was also why the government could get away wth banning export of encryption devices, but not the speech itself.

Re:The money quote

[AmiMoJo]

They are not proposing a ban outright, they are proposing to ban products that they can't circumvent.

Banks will be able to use encryption because they hand over financial records when asked. Shops will be able to use encryption because they need it and the purchase is logged elsewhere for the government to access anyway.

Facebook, Google and Apple will be banned from using encryption so that the government can simply tap a backbone or two and hoover everything up for later analysis. You won't be able to encrypt your phone unless (every) government (and criminal) is allowed to have a backdoor.

It's best not to straw man this argument. We need more direct arguments against their proposals to make sure that they don't happen, otherwise it looks like we didn't understand them and are thus easy to dismiss and crackpots or idiots.

same as guns

[slashmydots]

So making encryption illegal will stop terrorists from using encryption? You know, the same way that making terrorism illegal stops terrorism. What a joke. It's the same as guns. If you make guns illegal, criminals will still have them. That's why they're criminals. They don't follow laws.

Re: same as guns

Same as abortions. Wait, what?

Re: same as guns

[Coren22]

Sure, before abortions were legal, desperate women would use coat hangers, or go to the local witch doctor.

Re:same as guns

So making encryption illegal will stop terrorists from using encryption? You know, the same way that making terrorism illegal stops terrorism.

In a way it almost could. If encrypted communications are illegal, then any party encrypting their communications can be easily identified, apprehended, and arrested before anything unpleasant happens. You no longer need to care about what was in the communication, the existence of the communication becomes enough of a crime to pursue.

However this will just lead to a dramatic increase in use of steganography instead of encryption. Funny cat pics will have embedded text and amateur porn videos will have detailed plans etched into the frames.

So, end result, outlaw encryption and you catch a few criminals who didn't get the memo and some encryption fanatics. Anyone worth worrying about will already have a new plan in place, and then we get the politicians trying to find ways to make those illegal rather than do any actual data analysis or espionage.

Re:same as guns

[kbg]

No it's not the same as guns. Guns are physical objects, encryption is not. Encryption is nothing else than a few mathematical formulas. It is impossible to ban thoughts and speech however you can ban guns.

Re:same as guns

The essence of the gun-ban arguments is that the guns will be more difficult for criminals to get a hold of, which means fewer criminals will have them, which means fewer innocent people will die.

It is obviously quite dubious, since criminals that can't get guns will get other means of killing people. And anyway the numbers of lives that are (in theory) saved pale in comparison to the number of people that die from automobile accidents every day. The motivation is not actually saving lives (since there are far more impactful things that can be done for that), but rather, making the world less scary. This is not a good reason to deprive all the responsible gun owners of this effective means of self-defense.

Re: same as guns

You're right, we should just do away with all laws. Criminals will be dealt with efficiently by citizens' guns -- no more need for police. Just like in the good old West.

The point is that laws should be focused on the harmful activity rather than on banning the tools that criminals happen to use. If you make the tools illegal then you are just making good people who might use the tools for legitimate purposes criminals. Making it illegal to use encryption is like saying that it is illegal to lock on your door because it makes it harder to police to search your home.

Re: same as guns

[Chris+Mattern]

Gee, when I went to the local witch doctor, he just told me, "Ooh ee ooh aah aah, ting tang walla walla bing bang."

Re:same as guns

[fred911]

Um... tell that to Phil Zimmerman https://en.wikipedia.org/wiki/... .

Re:same as guns

[0123456]

Gun control actually works in a lot of other countries.

[citation needed]

Hint: I'll save you some trouble, by pointing out that there's no correlation between gun ownership and crime rates, and the governments of some of those disarmed nations you love so much have killed millions of their people in the last century alone.

Re:same as guns

[Curunir_wolf]

No it's not the same as guns. Guns are physical objects, encryption is not. Encryption is nothing else than a few mathematical formulas. It is impossible to ban thoughts and speech however you can ban guns.

Right. Works as good as banning drugs, right?

Re: same as guns

Well, the poorer women did. The upper middle class and rich went to "specialists" or out of country.

Re:same as guns

[rock_climbing_guy]

I wish I could agree with you, but I think they actually could enforce a ban against encryption. If encryption is illegal, then Google, Microsoft, Apple, et al can be forced to stop using it. Then whatever small players are left who violate the ban will stick out like a sore thumb. They would then be arrested.

Re: same as guns

[Darinbob]

Did it work?

Re:same as guns

[kbg]

Drugs are not the same as guns. You don't get physically addicted to guns. You are comparing apples and oranges.

Re:same as guns

[david_thornley]

It's fairly easy to tell encrypted stuff from unencrypted stuff. It's hard to tell the difference between strong and weak encryption without actually trying to decrypt it.

Re:same as guns

[Curunir_wolf]

Drugs are not the same as guns. You don't get physically addicted to guns. You are comparing apples and oranges.

You said banning guns would be easier than encryption because guns are physical objects. When I pointed out drugs are physical objects, too, and bans fail, you move the goal post. So... you think the only people using illegal drugs are physically addicted?

I assume you, like most people, don't really want to ban guns, but just provide certain people with a monopoly on using them. More people have been killed by their own government than by any other cause.

Re:same as guns

[l0n3s0m3phr34k]

They'd have to arrest everyone pretty quickly, because without any encryption the entire planet's financial system would be compromised and collapse with maybe six months. Russian criminal gangs would OWN the banks overnight, it would be mass chaos. We wouldn't need Tyler Durden, with all financial transactions in the clear.

Re:same as guns

[kbg]

No you are confused. Guns, drugs and encryption are not the same things. Guns are objects designed to kill people, drug is a material designed to give you euphoria and are physically addictive, encryption is a mathematical concept. It is possible to ban or limit guns, it is very hard to ban drugs because once people get addicted their only purpose in life is to get more drugs, encryption is extremely hard to ban because it is a mathematical concept.

What is so hard to understand?

More people have been killed by their own government than by any other cause

And so what? It just means you have a bad government. If the government is trying to kill, you should move somewhere else. Trying to inflict more death by guns isn't the answer. If you are afraid the government will kill you, there is something wrong with your system or you.

Re:same as guns

[Curunir_wolf]

So you're one of those "ban guns" - except for the police, a bunch of bureaucrats, some government officials, approved security people for the wealthy, and other elites that need protection from the unwashed masses that are not allowed to have guns - people.

Re:same as guns

[Zero__Kelvin]

"No it's not the same as guns. Guns are physical objects"

Read my .sig

'nuff said?

In case not, allow me to elaborate. Encryption is performed with some kind of physical object. They won't outlaw the concept, since that is impossible. They will outlaw the tools. You see, it is the same thing as guns. You just haven't thought it through before posting.

Re:same as guns

[kbg]

In case not, allow me to elaborate. Encryption is performed with some kind of physical object. They won't outlaw the concept, since that is impossible. They will outlaw the tools. You see, it is the same thing as guns. You just haven't thought it through before posting.

No it is not the same thing, you just haven't thought it through before posting. Encryption is performed by a computing device. You can't ban computers as a whole, because computers are useful devices for a lot of things. Just like cars are dangerous devices but we don't ban cars because they are designed as transport and are useful in society. Guns are designed for only one thing to kill people, they are not useful for anything else. Now you might argue that you can use guns for hunting animals. Yes but then you don't need to own an assault rifle with a 100 round magazine. At most you should only be allowed to own a shotgun with a maximum magazine of 3 shots and a single shot rifle and with very strict rules about ownership.

Re:same as guns

[kbg]

No I think mostly only the police should be allowed to own guns. Security people should not, if they need guns for something they should call the police.

Re:same as guns

If encrypted communications were illegal, then everyone who ever buys anything online would be instantly hacked and their bank accounts drained. All internet-facing businesses would basically have to go offline because it would be too easy for people to hack them and steal all the info they have on their customers, including payment information, etc.

The first world, as we know it today, can no longer function without encryption.

Incidentally, computer hacking is already illegal, and we cannot today just find and arrest anyone who does it. It won't be so easy as you think to just locate and arrest any person who uses encryption. So apart from the economic catastrophe it would cause, the criminals would merrily encrypt with impunity.

The very ideal of an encryption-free world is ludicrous.
 

Re:same as guns

[Curunir_wolf]

No I think mostly only the police should be allowed to own guns. Security people should not, if they need guns for something they should call the police.

LOL. Okay, dude. You're naive, at best. You trust the police? Apparently you haven't been paying attention lately. The police, who are now using military surplus on people in the streets, that are never held accountable for excessive use of force? The police, which the courts have already established have NO obligation to protect anyone?

Here's a clue for you: this will never happen. Banning guns starts with the debate on who will actually have a monopoly on having guns. It will NOT be "just the police". There are many armed bureaucracies that will NOT give up their guns. The FBI and everyone under Homeland Security, sure. But also the Department of Education (did you know they have their own SWAT squads?), HUD, Health and Human Services, the Department of Agriculture (which also has their own SWAT teams, they use them for raiding illegal raw milk producing farmers, among other things), the State Department (of course), and Commerce (yep, armed). There are numerous state bureaucracies that also have armed teams, including Alcohol bureaus and DMVs. All these folks will NOT be willing to give up guns.

Most private security companies are run and often staffed by military veterans and retired police, and none of them are going to give up their guns. And the wealthy and the elites that hire them will make sure they never have to. Because, yes, your rulers do not want you to have guns, and that's the rulers in government and the rulers not in government. Do you think the banks are going to go along with having their money and assets transported around by unarmed guards? Your government cannot function without the banks, there is no way they will disarm the banks and their security folks. You're going to tell them "Well just call the cops." Good luck.

Of course, we're just getting started. There will be MANY groups clamoring to be part of the monopoly-allowed-to-have-guns, many of them with money and influence, not to mention the weapons manufacturers themselves. One of the few productive exports the US has left is weapons - you think they will give that up? Oh, then you get to try to figure out HOW those powerless, not wealthy, and non influential people will be disarmed, and WHO is going to disarm them. Break out the popcorn - it's going to be fun.

Re:same as guns

[Zero__Kelvin]

"No it is not the same thing, you just haven't thought it through before posting."

Let me begin by saying that you have shown yourself to be a complete idiot, and parroting my words isn't helping your case any. You see, I thought it through. I just understand computers much better than you do apparently. A gun is a barrel, plus a firing pin, etc. An encryption device is, for example, a general purpose computer + software that performs encryption. Barrels aren't banned. Firing pins aren't banned. Metal isn't banned. The banning is of the complete system. Computers aren't going to be banned. Software isn't going to be banned. The complete system will be banned (as there is no other way to do it.) See? No difference.

"Guns are designed for only one thing to kill people, they are not useful for anything else."

You are apparently thinking of the song "Saturday Night Special" by Lynard Skynard, and apparently you didn't get the memo that even they subsequently released "Give Us Back Our Guns." I have really bad news for you, but guns have many other purposes than killing people. Or did you think that all the police walking around you are planning on killing someone?

" Now you might argue that you can use computers for writing documents. Yes but then you don't need to own an encryption program!."

See how that works? For anything you write about guns, I can substitute the encryption machine analog.

"At most you should only be allowed to own a shotgun with a maximum magazine of 3 shots and a single shot rifle and with very strict rules about ownership."

Now you've transitioned into some gun control moron making an argument that is about gun control, when the topic is encryption. Nice attempt to hijack the thread though! Have a nice day ...

Re:same as guns

[Boronx]

Not if you arrest them for having them. How hard a concept is that?

Re:same as guns

[rtb61]

One thing about guns that is very similar to drugs, legal varieties of course. Want to reduce their use, then ensure the taxes on them reflect the harm they cause. User pays means the group that users those items, drugs or guns should pay for all the damages caused by those items, no more privatising the profits and socialising the losses. There should be sufficient tax placed upon guns and bullets to ensure that all the damage caused by their illicit, ignorant, clumsy, foolish use is paid for and not by people who do not have or use them. So somewhere upwards of 100% tax and this should apply to used guns as well.

Encryption of course is directly tied to the principle of freedom. A free person owns there privacy, a slave's privacy is owned by someone else. The more privacy you lose, the more a slave you become. Loss of privacy extends to physical sexual assaults (body search), where you are no longer private to your person but others are allowed to molest you, strip you naked and, sexually assault you and you whole family at will, exactly as they would for any other group of slaves.

Only a free person has privacy and a slave never does and that is a core social principle since time immemorial. So slave or free person, you decide who owns your private life, you or some one else, not just information but also your physical person.

Re:same as guns

[goose-incarnated]

No it's not the same as guns. Guns are physical objects, encryption is not. Encryption is nothing else than a few mathematical formulas. It is impossible to ban thoughts and speech however you can ban guns.

Ah. The abstinence approach to guns... Why would you think abstinence works with guns? We've seen it not work with sex. What *did* work in reducing teenage pregnancies was sex education, not preaching abstinence.

Re:same as guns

[kbg]

A gun is a barrel, plus a firing pin, etc. An encryption device is, for example, a general purpose computer + software that performs encryption. Barrels aren't banned. Firing pins aren't banned. Metal isn't banned. The banning is of the complete system. Computers aren't going to be banned. Software isn't going to be banned. The complete system will be banned (as there is no other way to do it.) See? No difference.

Well you could try to do that but since encryption is just math, banning it realistically in any way or form is basically impossible. The difference is that guns are physical objects and that is a lot easier to handle or ban, guns are also a lot harder to create than software. To create encryption you only need a general purpose computer and the thoughts in your brain. To use encryption you only need to download it from somewhere. It's like the difference between a store selling physical counterfet copies of music discs and music piracy on the Internet. The first example is easy to monitor and regulate, the second is almost impossible.

" Now you might argue that you can use computers for writing documents. Yes but then you don't need to own an encryption program!."

See how that works? For anything you write about guns, I can substitute the encryption machine analog

Yes that is correct you don't need to own an encryption program to write documents, but you do need encryption to use the Internet. In the same way you do not need to own an assault rifle to hunt animals, but you do need one to kill a lot of people. In the former encryption is useful for society and doesn't harm people, in the second assault rifles aren't useful for society and harm people. You can substitue encryption for guns in a sentence but since they are not the same thing that doesn't always make sense.

Re:same as guns

[kbg]

Ah. The abstinence approach to guns... Why would you think abstinence works with guns? We've seen it not work with sex. What *did* work in reducing teenage pregnancies was sex education, not preaching abstinence.

That is because sex and guns are not the same things. Just like drugs, there is a chemical element to it that motivates you physically to have sex. You can't ban sex and expect it to just work, because your body (teenagers especially) is constantly pumping out hormones to make you want to have sex. If there was no chemical element to it, banning it would be really easy. In the same way totally banning all drugs isn't going to work in the long run.

I don't see why this is so hard to understand, just because you don't like it, banning or limiting guns is a possibilty.
Let's take a different object like cars. Could you ban cars? Yes you could. You could argue that cars are dangerous and some people even use cars to kill people. But would that make much sense? No, cars are not primarly designed to kill people, they are designed as transport. So usefulness of cars outweigh their detriment in society. Guns however only have a detriment.

Re:same as guns

[goose-incarnated]

Ah. The abstinence approach to guns... Why would you think abstinence works with guns? We've seen it not work with sex. What *did* work in reducing teenage pregnancies was sex education, not preaching abstinence.

That is because sex and guns are not the same things. Just like drugs, there is a chemical element to it that motivates you physically to have sex. You can't ban sex and expect it to just work, because your body (teenagers especially) is constantly pumping out hormones to make you want to have sex. If there was no chemical element to it, banning it would be really easy. In the same way totally banning all drugs isn't going to work in the long run.

I don't see why this is so hard to understand, just because you don't like it, banning or limiting guns is a possibilty.

What's hard to understand is the rationale that because 0.001% of $FOO owners are responsible, we need to take away $FOO from the other 99.99% of $FOO owners. It doesn't matter what $FOO actually is - when you propose that the state bans something that is responsibly used by 99.99% of owners you better have a damn good reason, especially when the numbers show that residential swimming pools have a death rate roughly 4-5 *TIMES* higher than residential fiream ownership.

If you've got a good reason for why you'd want to ban guns but not residential swimming pools when the death rate for guns is lower, I'd like to hear it.

Re:same as guns

[Zero__Kelvin]

"Yes that is correct you don't need to own an encryption program to write documents, but you do need encryption to use the Internet. "

Who the fuck told you that? The internet pre-dates SSL by quite some time. I am not even going to address what you wrote, since it is merely a re-hashing of your cluelessness. Since you clearly can't understand what I'm writing, have no idea what you are talking about, and refuse to learn anything it's time for this sound: Plonk

Re:same as guns

[TapeCutter]

It may no be a gun but encryption algorithms are classed as a "munition" by US/UK/AU. Exporting a controlled algorithm to a foreign country was tightly controlled up until the late 80's - early 90's when Phil Zimmerman released PGP and demonstrated that the export controls could be circumvented by a changing a #define in legally exportable code.

The horse has bolted, the global financial system depends on encryption for their bread and butter. Doesn't matter what a retired IRA supporter thinks.

Re:same as guns

[TapeCutter]

Drugs need not be addictive, eg: dope is generally considered to be non-addictive.

I agree the US has a gun 'problem', you are ~40X as likely to get murdered by a gunman in the US as you are in UK/AU. It's not just about the lack of regulation in the US, it's a cultural thing. Even when handguns were legal here in Oz and sold in hardware stores (yes, I am that old), most people held the same attitude as they do now - "only cowards and crooks need a gun for self defense". The vast majority of Aussies strongly support the current restrictions, and we like the fact that our prime minister can get on a city tram or go for an early morning jog without a small army of heavily armed spooks and bodyguards following him about.Yanks are different, they are more fearful of their own countrymen, and more often than not fear is what pulls the trigger.

Re:same as guns

[AmiMoJo]

So making encryption illegal will stop terrorists from using encryption?

Incredibly it seems that it will, at least for some subset of terrorists.

If you head over to Facebook or Twitter you can find lots of people and groups supporting terrorism and encouraging people to become terrorists, e.g. by joining IS or committing crimes. It seems crazy because surely they must know that it isn't safe, that their private Facebook messages are not really private, but actually the security services don't try too hard to catch people this way because they want the intel that Facebook chatter gives them. If you are going to join IS you probably don't care if MI5/the FBI has a file on you, and it's a fertile recruiting ground.

Often the security services do get wind of this stuff and manage to get the data with court orders. What they want is to ban Facebook from encrypting that data as it passed between the user and Facebook's servers, or between Facebook data centres. They want to use their existing backbone "full-take" taps to hoover it up without having to go to all the effort of getting a court order.

Re:same as guns

[kbg]

What's hard to understand is the rationale that because 0.001% of $FOO owners are responsible, we need to take away $FOO from the other 99.99% of $FOO owners. It doesn't matter what $FOO actually is - when you propose that the state bans something that is responsibly used by 99.99% of owners you better have a damn good reason, especially when the numbers show that residential swimming pools have a death rate roughly 4-5 *TIMES* higher than residential fiream ownership.

Yes it matters what $FOO actually is. It depends on what the thing is used for. Let's do a $FOO=Nuclear weapon, I would think most nuclear weapon owners would be responsible so why ban civilians owning nuclear weapons? What about $FOO=Sarin gas?. You can see your line of reasoning is ridiculous.

If you've got a good reason for why you'd want to ban guns but not residential swimming pools when the death rate for guns is lower, I'd like to hear it.

Because guns are designed to kill people, that's why. Swimming pools are not designed primarily to kill people, they actually have other purposes. But yes if swimming pools have a high death rate it also means we need more regulations for swimming pools and how they are designed and safety concerns for them, but that only means we need regulation for both swimming pools AND guns.

Re:same as guns

[kbg]

"Yes that is correct you don't need to own an encryption program to write documents, but you do need encryption to use the Internet. "

Who the fuck told you that? The internet pre-dates SSL by quite some time. I am not even going to address what you wrote, since it is merely a re-hashing of your cluelessness. Since you clearly can't understand what I'm writing, have no idea what you are talking about, and refuse to learn anything it's time for this sound: Plonk

And that is exactly why the old Interweb was totally unsafe. If you do any online shopping or handle critical documents you need encryption period. Don't let the plonk hit you on your way out.

Re:same as guns

[goose-incarnated]

What's hard to understand is the rationale that because 0.001% of $FOO owners are responsible, we need to take away $FOO from the other 99.99% of $FOO owners. It doesn't matter what $FOO actually is - when you propose that the state bans something that is responsibly used by 99.99% of owners you better have a damn good reason, especially when the numbers show that residential swimming pools have a death rate roughly 4-5 *TIMES* higher than residential fiream ownership.

Yes it matters what $FOO actually is. It depends on what the thing is used for. Let's do a $FOO=Nuclear weapon, I would think most nuclear weapon owners would be responsible so why ban civilians owning nuclear weapons? What about $FOO=Sarin gas?. You can see your line of reasoning is ridiculous.

Did you just equate a single firearm with a nuclear weapon?

If you've got a good reason for why you'd want to ban guns but not residential swimming pools when the death rate for guns is lower, I'd like to hear it.

Because guns are designed to kill people, that's why. Swimming pools are not designed primarily to kill people, they actually have other purposes. But yes if swimming pools have a high death rate it also means we need more regulations for swimming pools and how they are designed and safety concerns for them, but that only means we need regulation for both swimming pools AND guns.

The swimming pool death rate is 4x-5x higher than firearm death rate. There is no "IF" about it - both numbers are on the CDC website (different pages on the same website). If we restrict the stats to children only, then the swimming pool death rate is around 20x the firearm death rate.

Regardless of what $FOO is "designed for", if it is measured, in practice and over the course of decades, to be safer than swimming pools then what it is designed for is irrelevant - it may be designed for killing but if it isn't any more dangerous than a swimming pool then you can't really call it a killing machien, now can you? It kills far fewer people than innocuous equipment.

Re:same as guns

[kbg]

It may no be a gun but encryption algorithms are classed as a "munition" by US/UK/AU. Exporting a controlled algorithm to a foreign country was tightly controlled up until the late 80's - early 90's when Phil Zimmerman released PGP and demonstrated that the export controls could be circumvented by a changing a #define in legally exportable code.

The horse has bolted, the global financial system depends on encryption for their bread and butter. Doesn't matter what a retired IRA supporter thinks.

Yes and defining encryption as "munition" is beyond stupid. You might as well just ban math for all the good it will do.

Re:same as guns

[kbg]

Did you just equate a single firearm with a nuclear weapon?

Yes because that exactly shows why your argument is stupid. Gun nuts like to say that the 2nd amendment gives them right to own *any* weapon with no limitations, even weapons created long after the amendment was written, but then when you ask about a nuclear weapon then of course that isn't in the list. But if the 2nd amendment doesn't have a clause about a nuclear weapon why can't I own one? You can then go down the list and ask about: attack helicopter, missile launcher, tank, land mines, rpg e.t.c

There are obviously some things that a civilian should not be allowed to own, even though most of them would be responsible because the danger is just too much and unnecessary.

The swimming pool death rate is 4x-5x higher than firearm death rate. There is no "IF" about it - both numbers are on the CDC website (different pages on the same website). If we restrict the stats to children only, then the swimming pool death rate is around 20x the firearm death rate.

Regardless of what $FOO is "designed for", if it is measured, in practice and over the course of decades, to be safer than swimming pools then what it is designed for is irrelevant - it may be designed for killing but if it isn't any more dangerous than a swimming pool then you can't really call it a killing machien, now can you? It kills far fewer people than innocuous equipment.

Death rate in swimming pools doesn't invalidate other claims. It's not like we can't put in any laws about guns because people die in swimming pools. No we can do something about all issues. Swimming pool death rate only shows that this is also a issue that can be lowered by having more monitoring and life guards at public swimming pools and other safety regulations for private swimming pools. I can tell you that in my some European countries there are regulations that require private swimming pools to be elevated at a height above the ground, this is so that small children don't fall into them. Swimming pools are useful in society, guns are not.

Re: same as guns

[Runaway1956]

LOL - I can't tell you where to find them. They're all around you. To experience that kind of thing, you've got to be in the right place, at the right time, and willing to play along with whatever her needs are. Halifax, Nova Scotia was memorable. I walked off the ship, gawking around. Someone walked up behind me, grabbed my elbow, and told me that I was coming home with her. Nice looking gal - 6 ft tall - lovely but unusual color from her African-Irish-Iroquois ancestry. Beauty. I told her that i wanted to hit the bars and get a few drinks first. She said that she had all the liquor I could want at her place. I let her drag me home, and holy SHIT, that woman was demanding!

Right place, at the right time. But, I swear, there's one near you right now!

Re:same as guns

[lucien86]

They want to drown the world under these laws..

Re:same as guns

[sad_]

talking about guns... how is encryption a bigger problem then guns and mass shootings?

Banning encryption?

[JustAnotherOldGuy]

Banning encryption seems like the War On Drugs...destined to be an utter failure.

I hate the way most media portrays users of encryption as probable criminals or as being "up to no good". They rarely see that encryption can be a good thing (and usually is, frankly).

But lets not get all "facty" and let reality get in the way of scaring the goobers. Besides, they're too busy posting every detail of their life on Facebook to worry about stuff like that.

Re:Banning encryption?

[zlives]

"destined to be an utter failure" depends what you are trying to accomplish.
I really think what they are trying to do is create a society where you don't have to hide what you are doing and everything is permissible and acceptable. i think that is a noble goal :)

Re:Banning encryption?

[93+Escort+Wagon]

I hate the way most media portrays users of encryption as probable criminals or as being "up to no good".

I have only seen quotes of government officials saying this - not reporters. However if a reporter says this, he obviously doesn't know what the little lock icon on his web browser means while he's doing online banking.

Re:Banning encryption?

[JustAnotherOldGuy]

I really think what they are trying to do is create a society where you don't have to hide what you are doing and everything is permissible and acceptable.

I sense...SARCASM. Let's check...

Sarcasm Detector activated.....scanning....scanning....sarcasm FOUND.

Scan finished.

Start another scan?

Re:Banning encryption?

[zlives]

o yea of little utopian faith

Re:Banning encryption?

[JustAnotherOldGuy]

o yea of little utopian faith

I have to admit, my faith in anything and everything is at an all-time low these days. I doubt even the most sensitive scientific instruments could detect what little is left.

Re:Banning encryption?

[Zero__Kelvin]

"Banning encryption seems like the War On Drugs...destined to be an utter success for the power mongers bent on stealing our personal freedoms"

FTFY

"I hate the way most media portrays users of drugs as probable criminals or as being "up to no good".

See how that works?

Re:Banning encryption?

[Boronx]

The reliability with which all american media takes the government line on any story is disheartening.

Re:Banning encryption?

[Steve+B]

Sounds like an interesting idea... for some other planet, with some other species besides humans (maybe something evolved from social-insect-type hive dwellers).

Re:Banning encryption?

[JazzLad]

Science makes faith detectors? Sounds like you have more faith in science than I do ...

;)

Re:Banning encryption?

[JustAnotherOldGuy]

Science makes faith detectors? Sounds like you have more faith in science than I do ...

All-time low = 0%.

Faith? Never had it, never will. Faith is for suckers. It's believing in something without any proof, and homie don' play dat way!

Re:Banning encryption?

[zlives]

o i think i have one of those and the dial is stuck on 11/0

Jimmy Wales wails whether web will wreck wankers

[JoeyRox]

Couldn't resist suggesting a new headline.

That'll be popular

[omnichad]

Break all ability to make payments or move money online.

At the very least, any cryptography with known security vulnerabilities (such as the NSA wants) would not be PCI compliant. But it's unlikely that any bank would use an older version of TLS or SSL for online banking either.

Re:That'll be popular

[rubycodez]

I just checked a bunch of big banks and credit card companies, plenty still support TLS 1 and 1.1 which will be pci non-compliant next June. chase, discover, BMO harris....

Re:That'll be popular

[omnichad]

Maybe I don't know much about mandatory PCI scanning, but for the organization site I handle PCI compliance for, I was forced to remove TLS 1.0 support to get a passing scan already.

Re:That'll be popular

[rubycodez]

It depends which level of PCI compliance your organization was seeking at the time, earlier in the year you could get by with older

Re:That'll be popular

[AHuxley]

Re "Break all ability to make payments or move money online."
Most nations have versions of Australian Transaction Reports and Analysis Centre
https://en.wikipedia.org/wiki/...
Real time tracking of all banking. No paperwork needed.
The other option for all other nations is the setting of standard banking interconnect encryption is set at a tame level and the NSA and GCHQ can read it all in real time.

Re: That'll be popular

[omnichad]

The link you sent didn't say "all banking" - it said transactions of $10,000 or more are reported by the banks, not intercepted. Even the US has similar reporting requirements to the IRS.

This is about having a tamper-proof connection, safe against crime and anyone else. It's not just the NSA who would benefit from weak encryption.

Re: That'll be popular

[AHuxley]

re 'This is about having a tamper-proof connection, safe against crime and anyone else."
That is a huge issue. If a nation is too good with banking encryption it gets US diplomatic pressure until its banking system starts to report on every "international" account or movement of funds.
The issue about "safe against crime and anyone else" is that the US and UK military have so many generations of experts, staff at many shared bases globally that work with local staff on the the same export grade decryption systems that the more basic methods start to leak per decade.
Any faith, cult, political party, other nation, military, gov, well backed NGO with endless funding, the media can then go shopping for the same weak crypto backdoors for their own nationals now ex staff or former mil/gov staff. Its win win win for everyone with an interest in weak international crypto standards.
Contractors and groups can sell their experts to anyone as the crypto is weak and so many governments can only break weak networks.
Banking is just a small part of decades of tame crypto games.

Banning encryption

[Dunbal]

Wait - so if they ban encryption, presumably it means I won't be able to secure my Wifi because after all that uses encryption, so dear government, how do you expect to force me to be responsible for anything that originates from my IP? Surely I must enjoy the same protections as my ISP.

Re:Jimmy Wales wails whether web will wreck wanker

Wikipedia won't wait for Washington waterboarders

Give me some scissors

[FudRucker]

i got some credit cards i want to snip before that info bounces around the internets in the clear

Re:Give me some scissors

[Jason+Levine]

Don't worry, when a big company transmits your name/address/SSN/DOB in the clear with no encryption, some new credit cards will be opened in your name.

Re:Give me some scissors

[Darinbob]

We had the case not too long ago where the US did not allow exporting of certain encryption technologies. So business would actually use weak encryption with known vulnerabilities. Not quite plain text but pretty bad. Good encryption is of vital importance to commerce.

Re:Jimmy Wales wails whether web will wreck wanker

[zlives]

clearly Jimmy needs to change his name

Please add this to the FAQ

This debate was settled years ago. It's a bad idea. Can someone please create a FAQ so that we can redirect misguided legislators and media drones?

Re:Please add this to the FAQ

[Jason+Levine]

The thing is most government security agencies aren't saying "ban all encryption" but are saying "just give us 'law enforcement only' backdoors into all encryption." They try to present this as some kind of reasonable compromise, but they ignore the giant, gaping hole they'd create. No backdoor can be totally secured as "law enforcement only." At some point, someone will figure out how to spoof their way in. And then that "wonderful-encryption-with-government-backdoors" will be worthless. Except the politicians prefer to ignore this problem and just shout "TERRORISTS COULD USE ENCRYPTION" louder and louder as if that's an argument against it. (Terrorists also breathe air. We should ban all air!)

Re:Please add this to the FAQ

[Zontar+The+Mindless]

I can't believe anybody is able to suggest "government-only backdoors" while keeping a straight face, in the wake of this recent epic FAIL based on exactly the same premise.

Is this guy for real? :)

North American needs stronger encryption. and more warrants for data collection/seizure. The only thing weak encryption does is support corruption within the criminal justice enforcement system. If a judge issues warrant for whatever material(s) do whatever you will with it. However that's with a warrant. Weak encryption just encourages NSA/DOJ/FBI and local PD. to piggy back bull- boogeyman terrorist/fear policies/practices inherited from the bush administration. I'm all for law enforcement. But there needs to be sufficient evidence and a judge needs to issue a warrant for said material.

Ban Cryptography on the internet?
This is parallelled only with the prospect of banning firearms in Texas.

I'm not sure if this guy is just the worlds largest troll.. or is actually serious..

Either way .. lulz

[citation needed]

[oneiros27]

I'm assuming that the intentionally vague title is just more slashdot trolling.

The UK government it talking about it -- the US government is requiring all government agencies to stop using HTTP, while ignoring the problems it might cause.

They're trying to get us to all go to HTTPS, but I'm planning on making everything available over FTP instead.

Is the URL encoded in browser SSL as well?

[Vegan+Cyclist]

I'm wondering if the URL encoded in a browser SSL connection as well?

I had a particularly anal landlord not long ago, and we relied on their wifi, and he didn't want anyone downloading torrents, and went so far as to block nearly every port, as well as blocking any URL containing 'torrent'. So of course a torrent file couldn't be downloaded, but searching Google for 'torrent' would result in no page loading, and even news sites like TorrentFreak.com came up blank. (Yes, a brilliant strategy. I wasn't actually trying to download torrents, but wanted to play some games like Diablo 3, which were also stymied by these port blocks. Ended up using wifi sharing on my mobile phone, which actually worked surprisingly well - only used about 30mb per hour.)

I don't recall 100% if this still blocked me with a HTTPS URL (I believe it did give it a try), but I even went so far as to try out a VPN service, and even THAT was blocked -- still couldn't load any pages containing the term 'Torrent', which really surprised me (and the game wouldn't load.) The router settings trumped my PC settings in this case.

If this is the case, then can't they still track a lot of your web-browsing habits by the URL you're visiting? (Just perhaps not the content of the page sent to you itself?)

Re: Is the URL encoded in browser SSL as well?

[ZeroWaiteState]

They can see the IP address you connect to, yes. As for the hostname of the HTTP endpoint, the answer is maybe. As for the path portion of the URL (the specific page) you are getting, the answer is no. However, some places use proxies to forceably MITM the connection, but that can usually be detected by a client if the user is sophisticated.

Re:Is the URL encoded in browser SSL as well?

[l0n3s0m3phr34k]

that's insane. I would be forced to move, because every few weeks I have to do weekend coverage from home and require a VPN back into HP's network. Was that in your rental contract, like "no VPNs"? Did the landlord come by and cut up all the wires too? I'm not joking, that's what my current apartment complex did several years ago...they decided to be an "AT&T Community" and somehow every cable in the complex got cut inside the various enclosures.

Re: Is the URL encoded in browser SSL as well?

[khellendros1984]

My work MITMs https. The browsers that the company installs include their CA certs, so detecting it takes manual effort ("hmmm, why is Google's cert issued by " SSL Decryption Authority"??"). If you install another browser without the certs, you'll get a nice warning screen saying that someone is doing something nasty, and it takes some effort to tell the browser to ignore the problem. So I'd assume that even an unsophisticated user would recognize that there's a problem...although they wouldn't know why it was a problem, what it meant, or what to do about it.

Re:Is the URL encoded in browser SSL as well?

[Vegan+Cyclist]

It was my partners rental suite, basement in a house, before we got a place together. Not worried about agreements, etc, they aren't renting any longer.

More interested in how secure and private HTTPS is - I have a feeling that there are aspects that are more public than we'd think... Anyone want to configure their router so that it blocks particular terms like this, and see what happens when you try it with an HTTPS URL? (I never asked how he did it, it might be something like a 'parental blocking' feature on the wifi router...but in theory that shouldn't stop a VPN or HTTPS browser connection, right?!)

But UK gov isn't any smarter

[Lead+Butthead]

Government has done a lot of retarded things over the years. This will just be another one.

Re:But UK gov isn't any smarter

[MobSwatter]

Government has done a lot of retarded things over the years. This will just be another one.

Just when I thought they couldn't make the US look any more retarded. I'd say let them ban encryption, this will remove the necessity of the existence of their department with it's out of control budget and put the gap in technology development between the US and Russia over the top. What the hell, they're already 25+ years ahead of the US over there anyway. What the hell is up with this election thingy anyway, not one candidate directly appears to be owned, is the mafia getting all cloak and dagger or are the central banksters outing their tool of occupation of the US after running off with all the gold? Is mafia losing it's drive for 'theatre'? Oh Vinnie, say it ain't so!

Re:But UK gov isn't any smarter

[rawtatoor]

This would be my nine.. but I'm going to just personally insult this one. You shouldn't be here in my . You need to read your UID until you understand how stupid you really are numbnuts. And say hello to the 'yellow pill.'

Re:But UK gov isn't any smarter

[MobSwatter]

Ah, a supporter of big pharma, perhaps your choice was Obama? Sure, why don't you come a little closer with that 'yellow pill' of yours, I'd be glad to show you right where you can put it. Perhaps you should take a look at where all the surveillance started, some say that GCHQ is a subsidy of the NSA, but we were all aware of where this behavior started and know perfectly well where this will happen next.

Re:But UK gov isn't any smarter

[rawtatoor]

Kill another Grange supporter? Y or N. Why yes. I would have no reason for this if you weren't here. And you must be the 'peanut butter pill.' STFU ho. Try that shit to my face and you'll get your face dimpled ho. Try it again!

Re:But UK gov isn't any smarter

[MobSwatter]

Kill another Grange supporter? Y or N. Why yes. I would have no reason for this if you weren't here. And you must be the 'peanut butter pill.' STFU ho. Try that shit to my face and you'll get your face dimpled ho. Try it again!

There is no lesson in it for the dead, representation and democracy was proven out the window with JFK in '63 via the Biltmore gangsters backed by banksters. Ho? Heh, you must be jest for like the last 50 years or so, or you are really into theater. Perhaps you should find another reason, and maybe a moving van, or a lobotomy. Come on over and give me a dimple there sweetie if you feel you must, I'm here for you, I'm your huckleberry.

Common sense

[bbasgen]

My opinion of Hayden just bumped up by quite a bit. It is common sense (not to mention historically rigorous and logically sound) to suggest we need strong encryption and that back doors are a terrible idea. But, what a victory to hear a public official take this position. So much more of this needs to be happening!

Re:Common sense

[AHuxley]

The US and UK hope they can induce the public to react in ways that expose privacy and anonymity at all levels.
A face to face meeting to exchange one time pads set up on a leaky computer network ;)
Using advance encryption from a web site thats always been under constant observation.
The software works but just been interested made all network connections by a person to that website interesting.
The public is been pushed to find, use or seek or consider different strong encryption. The very act of looking breaks anonymity for decades.
The privacy of a message aspect is just a tame OS or weakened hardware product away once a computer or network user is discovered.
The use of informants as gatekeepers over entire generations of emerging math and crypto or software release, hardware creation.
Building in back doors at a lower hardware level while the public gets told the big brand software and hight level OS is secure and can be tested by anyone.
Public and private sector partnerships to track all interest in emerging crypto. From educational, to start up to funding, open source to multi national. All considered, shaped, weakened, pushed, hyped or superseded.

"wikipedia is not censored" is a conceit

[caviare]

Quoting directly from https://en.wikipedia.org/wiki/...: "Content will be removed if it is judged to violate Wikipedia policies (especially those on biographies of living persons and neutral point of view) or the laws of the United States".

In fact wikipedia is not censored according to the laws of China, but it is censored according to the laws of United States. Naturally this doesn't appeal to the Chinese government when it's available to Chinese citizens. No doubt if it wasn't censored according to the laws of United States then this wouldn't appeal to the United States government (or other governments with similar views to the US).

Re:"wikipedia is not censored" is a conceit

> Wikipedia is censored according to the laws of United States

The First Amendment has pretty strong protections, there are only a few exceptions:

Yelling fire without basis in a crowded place, etc.

Factually untrue, non-ironic libel versus non-public figures (politicians and pastors on TV need not apply)

Disclosing the precise location of american oil reserves carries life in Supermax

Discussing details of or imaging the zionist nuclear bomb factory at Dimona is prohibited in US felony law and offenders are handed over to the zionist entity. (Mordechai Vanunu was captured by the CIA on Mossad orders.) The Dimona reactor just doesn't exist, la-la-la, Saddam has WMD, Syria has WMD, Iran wants nukes, jews are the only democracy in Middle East and guardian angels of peace, those chosen nation la-la-la I can't hear you palestinians...

Re:encryption weaknesses

[AHuxley]

Think back to ww2, the Soviet Union in the 1930's, France in the 1950-60's. The US and UK have always enjoyed total access to all other nations data by setting junk standards or allowing international crypto research standards to settle on weak standards for decades.
If a service is secure along the length of transmission, go for the encoding, decoding systems at one end TEMPEST.
If that is secure, ensure a nation picks a junk international standard that is weak by design.
Get to the OS developers, equipment makers over decades. Ensure only tame brands and tame products get international traction and marketing.
Ensure a flood of media and press about standards, the best designers and providers always reaches diplomats and governments. What they buy into from neutral nations or experts is then plain text junk.

Facepalm

[fragMasterFlash]

Really? Are they going to start jailing kids for speaking Pig Latin and Ubbi Dubbi too?

This is yet another instance of ignorant fear mongers attempting to ban what they don't understand.

Re:This is in the UK

[alex67500]

"Hello, My name is David Cameron, MP, and I'm the Prime Minister of the UK. Today I would like to put forward a bill to ban all forms of mathematical science and studies, because they are an essential building block of encryption, and that fuels unacceptable behaviours that we can't snoop on. Pretty Please."

Re:What the hell

[TapeCutter]

Does he support terr'sts?

Yes, the IRA to be specific.

Re:encryption weaknesses

[AHuxley]

AC In the 1920s GC&CS gave the UK great access to Soviet embassy/Trade Mission, traffic thanks to the work of Ernst Fetterlein.
https://en.wikipedia.org/wiki/...
Soviet "Mask" material was then worked on after the 1920's under John Tiltman https://en.wikipedia.org/wiki/....
The UK had all Russian systems under total collection into the 1940's . Correct use of one time pads made Russia very difficult in the early 1950's but Russia had so much traffic it reverted to fast advance systems that the NSA and GCHQ quickly got back into after the early 1950's.

Re:encryption weaknesses

[TapeCutter]

That a good idea if you don't trust any of them. BTW: You can generate real random numbers by plugging a bare wire into the mic socket and sampling the static (white noise, some of it is leftover microwaves from the big bang).

Re: What the hell

[Fire_Wraith]

It's probably best to be clear that the ones most 'worried' about encryption are the FBI (and various other Federal Law Enforcement types). It may be telling that the FBI is so big on this, while the NSA seems less so. For all that people think of the NSA as the primary bad guys in all of this, the practical problem (as opposed to ethical/moral/etc) with NSA spying wasn't even the NSA having the information, it was what happens if/when the NSA gives that information to people like the FBI or DEA, who are very much interested in targeting American citizens.

Likely he's concluded that the benefits of strong encryption in protecting U.S. Government and private sector assets outweighs the potential lost intelligence monitoring capabilities. Part of this is because anyone overseas isn't going to bother using knowingly weaker stuff - Al Qaeda, ISIS, etc won't use stuff they know the FBI can backdoor, they'll get something from Russia or China, etc. Meanwhile, weaker crypto means our stuff is more likely getting read by those same Chinese/Russian/whoever intelligence services.

Meanwhile, the FBI doesn't care about that, because they're more interested in who they can go after domestically.