US Encryption Ban Would Only Send the Market Overseas

Patrick O'Neill writes: As U.S. legislatures posture toward legally mandating backdoored encryption, a new Harvard study suggests that a ban would push the market overseas because most encryption products come from over non-U.S. tech companies. "Cryptography is very much a worldwide academic discipline, as evidenced by the quantity and quality of research papers and academic conferences from countries other than the U.S.," the researchers wrote.

Au contraire

We have pushed many of our industries overseas again and again with heavy government regulations. While OSHA, workers comp, EPA, etc. minimum wage, etc. laws and regulations may have some sense, we have to realize that these same laws also reduce employment and push industries overseas

No they don't. So-called "Free Trade" agreements designed specifically to undermine such laws, by opening boarders for unfettered trade without requiring a corresponding level playing field in the regulatory and labor protection spaces. NAFTA etc. are working exactly as designed, inspiring a race to the bottom in terms of quality of living and wages. This is squarely the fault of such one-sided agreements ... not the sensible regulations, minimum wage, worker safety requirements, etc. that helped fuel the largest and longest economic expansion in US history.

God DAMN it! Not fucking again!

[Shoten]

I remember the days of the Clipper Chip, and of the prohibition on exporting strong crypto. I remember getting a package from Checkpoint in Ramat Gan, Israel (over international DHL, I believe it was) that was slathered with warning stickers that said it could not leave the USA...when it originated from Israel.

I remember in 2000, doing an IV&V of a VPN solution that did something really funky with their key generation, such that they were allowed to export strong (based on bit size) encryption without having to do key escrow. They put some of the key generation material in the handshake exchange...which means it went in the clear. I shit you not. Oh, and also, their algorithm had no forward secrecy...which was the whole point. Anyone who had sniffed the session could go to the operator of the VPN with a warrant, and have them re-generate the key that was negotiated between the two endpoints...making it possible to decrypt the session. Of course, this came along with a whole metric shitload of security problems, like the fact that compromising the VPN concentrator and pulling a little data off of it would give you the ability to decrypt any session that included that concentrator (we never got to the point of seeing if we could get the same effect by attacking the client). Basically, the whole thing was just a big pile of bitch cock, just waiting for disaster. (We also found a one-packed DoS, a buffer overflow, and other things...all unauthenticated attacks.)

And the best part? The client for whom it turned out I was doing this IV&V. It was the United States Secret Service...specifically the protective detail for the incoming Bush administration. This pig-fucker of a VPN solution was going to be used to protect the President of the United States. That was fun to find out...at the outset of the engagement, we thought our client was the Treasury Department in general (which was kind of true, in a way). When we had "The Meeting" to tell them what a disaster the solution was, they told us who we were really working for in specific. I really needed a drink after that meeting.

Needless to say, the Secret Service ended up going with a different solution.

And now here we are again...with different people but the same organizations bringing up the same dogshit reasons to try and justify demanding the same dumb-shit idea be implemented...backdoored encryption. I find it so incredibly interesting that, when it came down to it, the US Government wouldn't rely on a solution like that to protect themselves, but they would insist that the rest of us accept it for our own use. It makes me want to spew a litany of every obscene word and phrase I can remember, in alphabetical order.

Re:These guys are morons.

[MitchDev]

No, they aren't morons, they are EVIL. They KNOW what they are proposing is wrong, but they do it anyway. Greed for money and power drives them, bought and paid for by the 1%. In the 70s,80s, 90s, would anyone have dreamed of the trampling of the Constitution that the government does nowadays, using 9/11 as a huge lever to bring in more trampling of citizens rights under the guise of "security"....

First Ammendment

[Mr_Blank]

Isn't a ban on encryption a ban on free speech?

It seems to me that encrypted communication is akin to two people having a conversation in Klingon. If a third party, a police officer, were to interrupt the conversation shouting, "Hey! Speak English! You must be understood!", then that would clearly be a violation of first amendment rights. I cannot imagine a judge would allow the police officer to use a defense of, "Well, they could have been planning terrorism." If the conversation is electronic, and the government does not know what is being said, then it still seems absurd to me for that to be illegal.

Banning encrypted communication is akin to banning all foreign languages, made-up languages, and baby talk. Speak English, little baby, you must be understood or the cops will get you! Absurd.