Slashdot Mirror

← Back to Stories (view on slashdot.org)

Top Security Experts Say Anti-Encryption Bill Authors Are 'Woefully Ignorant' (dailydot.com)

Posted by BeauHD on from the one-size-fits-all dept.

blottsie writes from a report on the Daily Dot: In a Wall Street Journal editorial titled "Encryption Without Tears," Sens. Richard Burr and Dianne Feinstein pushed back on widespread condemnation of their Compliance with Court Orders Act, which would require tech companies to provide authorities with user data in an "intelligible" format if served with a warrant. But security experts Bruce Schneir, Matthew Green, and others say the lawmakers entirely misunderstand the issue. "On a weekly basis we see gigabytes of that information dumped to the Internet," Green told the Daily Dot. "This is the whole problem that encryption is intended to solve." He added: "You can't hold out the current flaws in the Internet as a justification for why the Internet shouldn't be made secure." "These criticisms of Burr and Feinstein's analogy emphasize an important point about digital security: The differences between the levels of encryption protecting certain types of data -- purchase records on Amazon's servers versus photos on an iPhone, for example -- lead to different levels of risk," writes Eric Geller of the Daily Dot.

2 of 90 comments (clear)

  1. let's be clear by supernova87a · · Score: 5, Interesting

    Well, the thing they fundamentally misunderstand about the issue is that companies now are disclaiming ownership of the data. At least the stuff that exists purely on people's phones for example.

    Senators Burr and Feinstein, failing to grasp this issue, actually have a beef with the people who now seek to use freely available encryption (which can be broken by no one practically) to protect themselves against intrusive government behavior -- which government has itself fueled by its own responsibility. Not the phone manufacturers -- which is why Apple, for example, have been racing forward to take the issue out of their own hands.

    If they want access to records about who uses public networks, transmits public information, etc, etc, then fine. Tap those networks, and make those companies who transmit information comply. But hands off my data, on my device, thank you.

  2. That's where lobbyists step in ... by perpenso · · Score: 3, Interesting

    just about any bill is woefully ignorant to those who are entrenched. the good news is that ignorance is fixable even if it is unwilling.

    Its got little to do with being entrenched. Most people do not understand how little their representatives are involved in the drafting of legislation, and on the other side the reading and analysis of legislation in preparation for a vote. Representatives are heavily dependent on staffers for such things. There are few things the representatives have to do themselves, show up for votes, show up for committee meetings, and most importantly spend 3-4 hours a day on the phone asking for money. Other things like drafting and analysis are largely delegated. This is true for the entrenched and the new optimistic enthusiastic determined-to-change/fix-things as-yet-uncorrupted representative.

    When legislation is intelligently written it is usually written by lobbyists rather than staff. I'm tempted to say something about bias, but what makes one think staffers are unbiased, or their representative.

    And this is why Google, Apple, etc *must* send lobbyists to Washington to get involved. Its regrettable, but its true.