Slashdot Mirror
Going Dark Crypto Debate Going Nowhere (threatpost.com)
msm1267 writes: FBI general counsel James Baker reiterated a theme his boss James Comey started months ago, that Silicon Valley needs to find a solution to the "Going Dark" encryption problem. Two crypto and security experts, however, pointed out during a security event in Boston that encryption remains the best defense against the government's surveillance overreach and espionage hacking targeting intellectual property. “If we were able to engineer a mechanism where we’re splitting a key and having a third party escrow it where the government could ask for it, the very next thing that would happen is that China et al will ask for the same solution. And we’re unlikely to give them the same solution,” Eric Wenger, director of cybersecurity and privacy, said. “Complexity kills, and the more complex you make a system, the more difficult it is to secure it. I don’t see how developing a key-bases solution secures things the way you want it to without creating a great deal of complexity and having other governments demand the same thing.”
Do what is best.
...the very next thing that would happen is that China et al will ask for the same solution...
No, that would be second. The first thing would be US agencies demanding keys without warrants and with gag orders.
Yes, Mr. Baker, it is about the relationship between the people and the government. What we wanted you to do was to treat the Fourth Amendment as a law, not as an obstacle to be circumvented. You have demonstrated yourselves incapable of obeying the laws you profess to uphold. So, what we want now is for you to go away. If that means a terrorist kills a few of us every now and then, so be it. Right now the terrorists are killing a lot fewer civilians than our policemen, so frankly, if I've gotta take the risk, I'd rather take my chances with the bad guys than the good guys.
Until then, remember this is professional, not personal. You Feebs actually pretty good at police work when you get off your asses and go do it. Maybe if we make it hard enough for you to spy on us illegally, you'll be forced to resort to good old-fashioned HUMINT-style police work for the rest of your cases. Try serving and protecting the public for a change. You might even start to enjoy it. And we might, after a few decades, start to trust you again.
This debate isn't about "terrorists"; any sophisticated organization with something substantial to hide isn't going to rely on Apple's or Google's encryption, they are going to be using their own, something that is easy enough to do.
The entire debate is about day-to-day police work: police want to be able to search your phone and your E-mail with the same ease with which they can open your car's trunk. The problem with that isn't that they may or may not use it against minor offenders, the problem is that if you put that capability in the hands of a million law enforcement officers and government investigators, they will invariably abuse it for personal and political gain, blackmail, and amusement.
The FBI and NSA are right that good default crypto will make it harder to catch criminals and the extremely rare terrorists. It will also make it harder to catch people doing quite a number of other bad things.
However, they also brought this on themselves. Overall this is like the response to ads online. Ads got so extremely bad that people just installed adblockers that block everything. Now many sites are finding it hard to even survive due to ads being blocked. If you unblock the ads on the site though you find out the ads are extreme with sound, video, taking over clicks, and with dozens of ads on a page and so you go back to blocking.
If the Ad industry had stayed to banner ads and maybe one or two small ads on the sidebars of a page and with no music or video then it is likely that people would not have gone to the effort to block them. They created this mess all on their own.
If the NSA had not started watching everyone in a fairly blatant violation of the law and the courts made it so you can't even try to stop them since they rule you have not standing since you can't prove you where watched then this reaction would not be happening. What the NSA did damaged Apple, Microsoft, Google, Facebook and many others along with pissing off average people a lot. When the average person thought the NSA was just going after evil people outside the country they where okay with it. Finding out they go after citizens in the country also is unacceptable.
I have no idea how to deal with the actual legitimate concerns of the NSA and FBI and also deal with their abuse. We all know that they will keep abusing their powers if they can. If you compromise encryption in any way then others will find the backdoors also and use them.
This is not a good situation and in the end I don't know how it will play out. It should be possible for the NSA and FBI to get access to data upon probably cause and with a court order I just don't see any realistic way to do that anymore given what they have done.
Computer modeling for biotech drug manufacturing is HARD!