We want everyone’s home locks to be master keyed so that law enforcement can open anyone’s door with the same key right? We’re all ok with compromising our security a bit, to allow law enforcement to catch the four horsement of the infoclaypse (terrorists, drug dealers, pedophiles, and organized crime) right? Would it make you uncomfortable for everyone’s locks to be opened by the same key? Well, that’s basically what congress is asking silicone valley to do. Instead of it being your physical locks, it is your digital locks.
Just like the physical locks, it’s totally safe until someone figures out the right key. Then, it’s free game on everyone’s stuff. It is ridiculous how they’re pushing for this. Cyber warfare is likely to be the biggest threat to all internet citizens, US included, in the coming years. Congress’ solution to that is what?… make us all less secure by nullifying encryption. Anyone that stops to think about this for even a little bit, will realize that the negative impacts of encryption backdoors totally outweighs the positives (catching bad guys).
Now, I’m not here to say that catching terrorists and pedophiles isn’t important. It is important, but everyone else having to compromise their privacy and security isn’t something we should be willing to do to obtain it. The government has been pushing the terrorist fear agenda since 9/11 because it worked, but there’s been more push back lately. Apple refusing to unlock an iphone in San Bernardino and now Facebook saying they will move forward with strong encryption on their messaging app. So, they’ve decided to switch it up finally. The rhetoric isn’t about stopping terrorists anymore, now it’s pedophiles.
So what’s next? Should we be worried? Well, apparently silicon valley has a year to figure out a way to either defy the laws of mathematics or to compromise every one of their users’ privacy and security. I wouldn’t bet on them defying the laws of mathematics, which means the solution will be to open us up to data breaches and limit how safe our information can be. I predict that most companies, even if they come up with a solution they’re willing to accept to basically break strong encryption and allow law enforcement access, wont make any changes in the next year. No one wants to be the first company to come out and say “we’re no longer protecting your data as well as we could be, so that the government can access it all.” That would just be bad PR. So in a year, if this is actually more than just a political move to help their re-election chances, they’ll start working through bills.
Now, the level of incompetence when it comes to technology in congress is huge. We’re talking about people that have never sent an email trying to write a law to govern some incredibly complex mathematics and communication systems. The chances of a good law coming out of that, is probably the same as a room of chimpanzees writing Shakespeare. We’re talking about people that didn’t know Facebook made money from ads. One of the biggest companies in the country, raking in billions a year, and congress had no clue how they made money.
Needless to say, the threat of congress passing a law to govern strong encryption would likely amount to either nonsense or basically outlaw it altogether. So, the level of “stupid” in such a law is actually scary. My hope, is that this is a political stance to help their re-election (no one is going to take the stance of wanting to protect pedophiles or terrorists) and it is an empty threat.
Bryan's Blog 