The author is working from the assumption that it's easier to make governments and authorities infallible and incorruptable than it is to deal with a world with encrypted communication.
Coming from a reporter (someone supposedly professionally versed current affairs), this is contemptibly stupid position to take.
Thanks for the links, foolshdropout. I've read most of those, and they tend to the make the same points over again.
I called it a "side door" to make the point that we need a compromise between the front and back. The pro-encryption crowd doesn't want a back door, and the anti-encryption crowd doesn't want a front door. As Amnesty International recommends, we need some compromise.
Given that you think I'm clueless on many fundamental levels, I presume you disagree with Amnesty International.
I agree that the answer is complicated, but I don't agree that we must appeal to mathematics to solve the problem. We need to have a discussion about what is a good compromise and how much security and privacy we have to sacrifice in order to ultimately strengthen them. We sacrifice some of our privacy and security by allowing government to break into our homes, yet we feel safer and more private because law enforcement and our justice system is on our side and works to thwart criminals. It isn't perfect, but I personally would feel less comfortable if our homes were impenetrable - think of the ramsomware cases with encryption. The fact that there's no way to unlock those encrypted machines without the key is a tragedy. You might say the answer is to stop the ramsomware nuts instead of undermining encryption, but that's like saying we should stop the pedophile from raping our kid in his impenetrable basement instead of making it so we can break in.
How do we solve this? It's hard to say, but there are solutions. foolshdropout's first Guardian link presents a good example with the TSA luggage lock standardization. That is essentially a backdoor and has led to many thefts. The flaw in that example, however, is that with enough force, a lock can be broken, and any luggage can be penetrated, making the need for master keys and standardized locks unnecessary. So, it's not a good analogy with encryption, which cannot realistically be broken into.
Giving the government master keys to standardized encryption methods is not a good way to do it. However, the FBI's method of getting Apple to disable the guess limit is a "lesser" backdoor, if you must call it that. That provides some compromise because it requires the government going to Apple for each warrant and having them on a case-by-case basis disable the limit. This adds a few hurdles to slow down the process, which is basically what encryption does in the first place, while allowing authorities to lawfully search and seize.
I'm not sure what the answer is, but I know that if we stick to absolutes (total encryption, no encryption), we are only hurting ourselves.
There is no clear value to you, just like there is no value to you that a criminal could break into your window and watch you sleeping at night. For your security and privacy, you'd be better off having no windows.
That an unintended person can read your private messages is an unfortunate consequence of compromise. What we'd have to do is figure out a way to implement a security system that detects all intruders via cyber-forensics or whatever other effective means.
I see the consequences of unrestricted encryption as more severe than the consequences of restricted encryption.
In the article, I explain two options in the Apple case:
1. Apple could develop new software and give the FBI the key. That is the true back door.
2. Apple could disable the guess limit and let the government brute-force the code. This is the "lesser" back door.
In most encryption cases around the world, the government can get in with enough computing power. They can brute-force as they see fit, which is a problem for all people who support encryption. These people essentially are in favor of a method of privacy protection that works only as well as the math used to support it. In this case, the math is only so dependable.
The other option is to depend on due process, checks and balances, and the branches of power. Government cracking encryption is inevitable, so sticking to absolute encryption and refusing compromise is a losing battle in the long run. We might as well start today on working out a compromise, developing and implementing a federal system that appropriately handles the privacy of our communications.
I agree: that is a contemptible position to take - and it's not mine.
It's impossible to make authority infallible and incorruptible. However, the United States has proven that it is possible to create a society of checks and balances with a sufficient justice system that works in favor of the citizen. Home search and seizure seems to generally go well. Why aren't there groups speaking up about it?
Just so I'm clear, do you disagree with Amnesty International's suggestions for restricted encryption?
>However, the United States has proven that it is possible to create a society of checks and balances with a sufficient justice system that works in favor of the citizen. Home search and seizure seems to generally go well. Why aren't there groups speaking up about it?
Wow!? What makes you think any of that? Or did you miss a negative there? :)
Yes, I am against the assumption that backdoors are a good idea, whoever puts it forward, and whatever you try to call them.
My experience living in the United States and researching other countries has given me that perspective.
> Yes, I am against the assumption that backdoors are a good idea, whoever puts it forward, and whatever you try to call them.
So, you do disagree with Amnesty International's recommendations for restricted encryption. That's fine, but I hope you also disagree with the government being allowed to enter our homes with a warrant.
Aaron, I have only read the executive summary of the briefing from Amnesty International you reference, but I fail to see that they make any suggestion for restricted encryption.
Can you please clearly cite what in that briefing makes you conclude this?
"any restrictions on encryption must be contained in laws that are precise and transparent, must be used only when necessary to achieve a legitimate aim and must not discriminate against specific individuals or groups. Critically, any measure interfering with encryption must be proportionate to achieving the legitimate aim for which it is imposed, and the benefits gained through the adoption of such measure must not be outweighed by the harm caused, including to individuals and network infrastructure and security."
...and I still fail to see where in this Amnesty International recommends restricting encryption.
The use of 'any' does not imply recommendation. I guess you could interpret the 'only when necessary' part as maybe opening the door to restrictions on encryption, but I feel Amnesty International's wording here intentionally wants us to really consider the drawbacks.
I agree that Amnesty International is being extremely cautious in making recommendations, but if they felt that no compromises could / should be made, I don't see why they would bother with the quoted paragraph.
"any restrictions on encryption must be contained in laws that are precise and transparent"
^ This suggests that they think restrictions are possible, whereas many pro-encryption people think that restrictions are mathematically impossible and are stupid to even suggest.
"must be used only when necessary to achieve a legitimate aim"
^ Again, while there is no specific recommendation, they are implicitly suggesting that restrictions are acceptable under certain conditions.
"any measure interfering with encryption must be proportionate to achieving the legitimate aim for which it is imposed, and the benefits gained through the adoption of such measure must not be outweighed by the harm caused, including to individuals and network infrastructure and security."
^ Same thing. In three separate places, they suggest that restrictions are permissible, and they are making recommendations for when they may be permissible.
20 comments
[ 1624 ms ] story [ 1165 ms ] threadComing from a reporter (someone supposedly professionally versed current affairs), this is contemptibly stupid position to take.
http://www.theguardian.com/technology/2015/may/01/encryption...
http://reason.com/blog/2016/02/18/4-reasons-to-fear-encrypti...
https://www.servint.net/university/article/keep-the-back-doo...
https://pando.com/2013/12/19/the-nsa-review-panel-says-encry...
http://www.techrepublic.com/article/why-government-mandated-...
http://www.newsweek.com/why-we-need-encryption-even-nsa-cant...
https://www.wordfence.com/blog/2016/02/wordfence-supports-st...
https://www.rt.com/usa/319236-no-encryption-backdoor-apple-c...
http://www.techrepublic.com/article/encryption-you-cant-put-...
http://www.theguardian.com/commentisfree/2015/mar/04/backdoo...
https://www.yahoo.com/tech/defense-secretary-favors-strong-e...
http://www.freerepublic.com/focus/f-news/3395743/posts
BTW Aaron, a sidedoor is just a backdoor on an adjacent wall...
I called it a "side door" to make the point that we need a compromise between the front and back. The pro-encryption crowd doesn't want a back door, and the anti-encryption crowd doesn't want a front door. As Amnesty International recommends, we need some compromise.
Given that you think I'm clueless on many fundamental levels, I presume you disagree with Amnesty International.
How do we solve this? It's hard to say, but there are solutions. foolshdropout's first Guardian link presents a good example with the TSA luggage lock standardization. That is essentially a backdoor and has led to many thefts. The flaw in that example, however, is that with enough force, a lock can be broken, and any luggage can be penetrated, making the need for master keys and standardized locks unnecessary. So, it's not a good analogy with encryption, which cannot realistically be broken into.
Giving the government master keys to standardized encryption methods is not a good way to do it. However, the FBI's method of getting Apple to disable the guess limit is a "lesser" backdoor, if you must call it that. That provides some compromise because it requires the government going to Apple for each warrant and having them on a case-by-case basis disable the limit. This adds a few hurdles to slow down the process, which is basically what encryption does in the first place, while allowing authorities to lawfully search and seize.
I'm not sure what the answer is, but I know that if we stick to absolutes (total encryption, no encryption), we are only hurting ourselves.
But what is the value for me that someone else than the indended recipient can read a message I wanted to keep private?
That an unintended person can read your private messages is an unfortunate consequence of compromise. What we'd have to do is figure out a way to implement a security system that detects all intruders via cyber-forensics or whatever other effective means.
I see the consequences of unrestricted encryption as more severe than the consequences of restricted encryption.
In the long run given how things are currently, I trust math to lie less than politicians, bad actors, etc. Math has no ill intent.
1. Apple could develop new software and give the FBI the key. That is the true back door.
2. Apple could disable the guess limit and let the government brute-force the code. This is the "lesser" back door.
In most encryption cases around the world, the government can get in with enough computing power. They can brute-force as they see fit, which is a problem for all people who support encryption. These people essentially are in favor of a method of privacy protection that works only as well as the math used to support it. In this case, the math is only so dependable.
The other option is to depend on due process, checks and balances, and the branches of power. Government cracking encryption is inevitable, so sticking to absolute encryption and refusing compromise is a losing battle in the long run. We might as well start today on working out a compromise, developing and implementing a federal system that appropriately handles the privacy of our communications.
It's impossible to make authority infallible and incorruptible. However, the United States has proven that it is possible to create a society of checks and balances with a sufficient justice system that works in favor of the citizen. Home search and seizure seems to generally go well. Why aren't there groups speaking up about it?
Just so I'm clear, do you disagree with Amnesty International's suggestions for restricted encryption?
Wow!? What makes you think any of that? Or did you miss a negative there? :)
Yes, I am against the assumption that backdoors are a good idea, whoever puts it forward, and whatever you try to call them.
My experience living in the United States and researching other countries has given me that perspective.
> Yes, I am against the assumption that backdoors are a good idea, whoever puts it forward, and whatever you try to call them.
So, you do disagree with Amnesty International's recommendations for restricted encryption. That's fine, but I hope you also disagree with the government being allowed to enter our homes with a warrant.
Can you please clearly cite what in that briefing makes you conclude this?
Restrictions are discussed in section 4, page 25.
Their recommendations are in part 5, page 31:
"any restrictions on encryption must be contained in laws that are precise and transparent, must be used only when necessary to achieve a legitimate aim and must not discriminate against specific individuals or groups. Critically, any measure interfering with encryption must be proportionate to achieving the legitimate aim for which it is imposed, and the benefits gained through the adoption of such measure must not be outweighed by the harm caused, including to individuals and network infrastructure and security."
The use of 'any' does not imply recommendation. I guess you could interpret the 'only when necessary' part as maybe opening the door to restrictions on encryption, but I feel Amnesty International's wording here intentionally wants us to really consider the drawbacks.
"any restrictions on encryption must be contained in laws that are precise and transparent"
^ This suggests that they think restrictions are possible, whereas many pro-encryption people think that restrictions are mathematically impossible and are stupid to even suggest.
"must be used only when necessary to achieve a legitimate aim"
^ Again, while there is no specific recommendation, they are implicitly suggesting that restrictions are acceptable under certain conditions.
"any measure interfering with encryption must be proportionate to achieving the legitimate aim for which it is imposed, and the benefits gained through the adoption of such measure must not be outweighed by the harm caused, including to individuals and network infrastructure and security."
^ Same thing. In three separate places, they suggest that restrictions are permissible, and they are making recommendations for when they may be permissible.