220 comments

[ 1.9 ms ] story [ 242 ms ] thread
> Slapping unbreakable crypto onto more and more packets is just going to make matters worse. The only way to retain any amount of electronic privacy is through political engagement.

While political engagement is an alternative to "slapping unbreakable crypto" onto things, this article establishes no precedent for political engagement actually helping!

I see the technical as political, direct action as engagement.

An article like this that's attempting to be a call to action, needs to provide some positive reinforcement. I find myself failing to come up with big wins, the examples I can think of are almost exclusively heartbreakingly tragic (snowden, manning, swartz, Occupy, etc). When I think of political engagement in the US, I think of pretty violent end cases for everyone involved.

SOPA's defeat was a big win.

There is almost no political engagement from the technology sector, as compared to others (like pharmaceuticals, finance, telecoms, entertainment). If there had, the DMCA might not be so onerous, the CFAA would be gone, and SOPA would never have gotten as far as it did.

SOPA is probably the biggest recent achievement from activism (unless you want to count Wheeler and the Title II decision).

But tellingly, activism has failed to solidify a victory there. It was COICA, then SOPA, then PIPA, then ACTA, and now TPP, all pushing a bunch of the same core changes. Whenever there's resistance, the thing goes into hiding and comes back wearing new clothes. Lately, it's been handled in settings where debate happens behind closed doors and domestic activism has little power.

And yes, that might look different if major corporate players were more involved. But their stances are varied and inconsistent at best, and to the extent that this is for the benefit of private citizens the political approach appears to be an endless defensive fight.

I wonder. I've seen people on HN saying that Google is one of the biggest lobbyist, so apparently tech sector is very much present in Washington. So maybe it's not that there is no engagement, but that those who engage have different goals in mind than your average HNer?
Perhaps even inherently opposite goals. Google, Facebook, et al make it their business to peel away your privacy and know everything about you.
>There is almost no political engagement from the technology sector, as compared to others

That's because the tech sector is busy actually doing useful stuff and inventing world-changing technologies. Pharma only does some of that (their pace of innovation is quite lackluster, and they spend more on marketing than on R&D, the real medical innovation is being done by other entities), finance is figuring out how to make money from a bad economy with hedge funds, telecoms are just exploiting their monopolies and screwing customers over, and entertainment is just rehashing old stuff with never-ending low-quality remakes, reboots, sequels, and prequels.

Instead of trying to use politics to make more money by screwing people over (which is how other industries mostly work), the tech sector makes money by creating new technologies. It's a fundamentally different mindset.

No, that is not why.

The reason why the tech sector does not engage in politics, is that people feel they are above politics and "don't want to get dirty".

Further more, they're sure the laws doesn't matter on the Internet anyway, right ?

John Perry Barlow has a hell of a lot to answer for.
I do IT for a think tank in DC. I've seen people across the political spectrum fail to enact their particular agenda for their entire multi-decade careers. Changing policy is slow and, quite often, impossible.
If only there was some way of contiuing policy through some other means...

That's the importance of technology (and arms).

Arms are now, and have been since the days before the ass' jawbone, just a kind of technology. I think increasingly the value lies in technology which doesn't have killing someone as its primary function. That's true for you and me, and it's true for a government that seems perpetually fascinated with "Less Lethal" options.

Electroshock devices have shown the world just how much people will take from their government, if it has almost no chance of killing or visibly scarring them.

If one can enjoy a multi-decade career without making any changes, why worry about making changes?
Because most political jobs pay abysmally, have little job security, and require painful working hours. As such, there aren't many reasons to go into politics beyond wanting to make a change.
>no precedent for political engagement actually helping!

Off the top of my head:

In the US: the fourth amendment, Miranda rights, the right to abortion, various efforts to decrim gay sex.

Here in Canada, Trudeau père famously said "there's no place for the state in the bedrooms of the nation", adding that "what's done in private between adults doesn't concern the Criminal Code"

https://en.wikipedia.org/wiki/Criminal_Law_Amendment_Act,_19...

Presumably "no precedent" means "relating to privacy and security". To the extent that there are legal wins there, they were either extracted by technical means (e.g. the crypto wars) or effectively meaningless (e.g. 'oversight' of bulk surveillance).
I think the point is that privacy and security are physical as well as digital and if political engagement made one prevail, why not the other? We have more privacy protections now than we did 100 years ago due to political engagement, there is not reason to believe we cannot continue that effort into the digital realms.
It's a claim worth discussing, but I'm thoroughly unconvinced by it.

There's absolutely reason to believe that the effort can't be smoothly continued into digital realms. First, because interpretations of how existing progress applies to digital issues has consistently minimized privacy and maximized institutional power. Second, because it's not clear that government oversight or legal protections are actually working when they are obtained. We have a long tradition of using activism to produce legislative wins, but on digital issues we constantly see those wins being ignored or circumvented (e.g. illegitimate takedown requests and unapproved domestic surveillance).

I don't think giving up the political fight is a good idea, but it's always jarring when I see people say "crypto nuts should turn to politics instead!" The people pushing strong crypto have historically also been the ones seeking political progress with minimal results.

I do not follow.

The fourth amendment establishes that "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated"

Roe v Wade literally invented the legal right to privacy in the US: https://en.wikipedia.org/wiki/Roe_v._Wade#Right_to_privacy

The Fourth and Roe are relevant, although I would argue that gay marriage and Miranda are essentially unrelated. In the US, "no government in the bedroom" privacy and non-self-incrimination don't really carry over into "don't read my mail" style privacy. They might bound prosecution, but not surveillance.

More broadly, what I meant was that digital privacy, security, and ownership have been a consistently losing battle. The interpretation of how legal protections (the Fourth included) apply to computers has skewed towards state power in virtually every case, and victories on digital issues are almost all a result of technological activism rather than pure political work.

I'm actually curious: can anyone cite a serious win for privacy that was wholly political?

I frequently see pieces criticizing over-reliance on crypto as solutionism and political apathy, but I don't understand what they expect. The people fighting for strong cryptography have also led the political fight for privacy, but their nontechnical efforts have been ignored or circumvented at every turn. At this point it's hard to imagine what a strong, trustworthy political advance would even look like.

Well, there was a declassification of cryptography as munitions, which was very important. But that kind of proves the point, doesn't it?
Yeah, it does.

I almost called out the crypto wars specifically, because they were a political win caused by technical means (just too hard to control exports) and enabling technical progress (didn't regulate surveillance, but made privacy securable).

To the extent that anyone has actually come to the table on this stuff, it's been as a result of technical change forcing their hand. I wouldn't be surprised if widespread encryption-by-default changes the terms of the debate and opens the door to more transparency from governments who want some degree of cooperation.

"there was a declassification of cryptography as munitions"

That's the popular tale. It was partial. Lots of stuff, including high-assurance systems and custom, stayed under old classification. Such export uncertainty was a consideration in the cancellation of A1-class, VAX, Security Kernel. Here's excerpts and links from a write-up I did on it after I dug into the actual export laws:

http://pastebin.com/GHmHJASm

Still like some help from professionals to confirm or reject my analysis. People dealing with export on Schneier's blog gave feedback indicating they never ran into trouble. Yet, they might have been under the mass-market classification. So, I don't know if the other one is enforced or under what circumstances.

How about the first amendment to the United States Constitution?

Also, I believe trustworthy and political to be mutually exclusive.

How far back are you willing to look? "The Video Privacy Protection Act (VPPA) was a bill passed by the United States Congress in 1988 ... to prevent what it refers to as "wrongful disclosure of video tape rental or sale records..." Congress passed the VPPA after Robert Bork's video rental history was published during his Supreme Court nomination." [1]

I thought there were also some U.S. privacy laws around library records, but can't locate a clear reference just now.

[1]: https://en.m.wikipedia.org/wiki/Video_Privacy_Protection_Act

The rental records of several specific adult video places in the DC area were probably foremost in the minds of that bill's sponsors. Going forward, they realized they would need to be more circumspect, and internet allowed them to pretend that they were. (Of course, they can't hide their peccadilloes from the state intelligence apparatus but most of them are wholly owned by that entity for other, actually-evil reasons anyway.) Kathleen Kane in Pennsylvania has claimed that her current troubles stem from a similar motivation on the part of her disgruntled employees.
Interesting, thanks. 1988 is a while back, but it's far more relevant than the people citing the Fourth Amendment!

That's actually a pretty solid win for privacy, although it doesn't alleviate my sense that the government stance is "we can read everything as long as we don't tell anyone about it". The last I heard about library records was the Patriot Act opening them to government investigation, but things may have changed since them.

Still, this one is news to me, I appreciate it.

Direct action is a pretty terrible form of engagement.

There's a real process and it should be used. People are starting to realise this with the Sanders campaign, although they've still gone about it pretty badly. Engagement has to be institutional and ongoing. The EFF/ACLU approach is pretty good.

If the 4th amendment lobby was anywhere near as good as the 2nd amendment lobby, you would be in a far better place.

Edit: seriously, learn from the gun lobby: they've dealt with both the "terrorism" and "think of the children" arguments while being popular anti-government patriots.

The main thing they have is a very large, very profitable industry whose income rises and falls with minor changes in legislation. If the fourth amendment were the freedom to eat sugar, I guarantee that their advocacy would be just as effective.

Direct action is the only effective form of engagement other than direct payments.

I'm pretty sure that both former slaves, women and most recently nonheteronormative lovers would disagree that there is "no precedent for political engagement actually helping".

That is the only way human rights have ever been won, and privacy in electronic communication is very much a human right.

(Yes, I'm the author of that piece)

Kinda clickbait-y, and ignores the fact that encrypted communications were able to be used (with some effort) before Snowden, but his last point is solid:

> The only way to retain any amount of electronic privacy is through political engagement.

No its not. The reality is the biggest threat to privacy is due to political engagement. Stronger encryption that no one can break is really the only viable option.
Political engagement is a very good tool to keep political engagement in check. Political engagement can make strong crypto illegal to use, or mandate a state MITM[0]; neither are viable or effective at anything, but those inconveniences aren't going to stop their implementation.

[0] Almost happened in the USA: https://en.wikipedia.org/wiki/Clipper_chip

That won't solve the problem

> Slapping unbreakable crypto onto more and more packets is just going to make matters worse > > The IT and networking communities overlooked a wise saying from soldiers and police officers: "Make sure the other side has an easier way out than destroying you."

Who is developing this stronger encryption? The development of encryption has a huge incentive to build backdoors for payouts by government or corporate or worse groups. Then you have the people implementing the encryption that could also introduce backdoors (who knows if heartbleed was intentional or not). Then you have lots of other ways to backdoor the system, from default software installs, viruses, or even compiler or CPU backdooring. There is no such thing as a system that has perfect security. Even if you build everything yourself and are perfect at doing so, the tools you use could easily have backdoors.

By increasing usage of encryption for more and more mundane things all we're doing is increasing the incentive to break that encryption.

I totally disagree. Political and social solutions prevailed in our physical space during the 60s and 70s with the expansion of rights related to search and seizure and the statement of rights to those who are unaware of them. There is precedent for social engagement here.

And remember, all encryption is susceptible to rubber hose cryptography. There needs to be a two pronged approach here.

Not all encryption. There is such a thing as self-destructing data/keys. Once it's gone, it cannot be recovered, even if your life is threatened and you really don't want to die.

Whether you're willing to go that far for your data or not is up to you, though.

You don't need to break the strong encryption, when you can break the kneecaps of people using strong encryption.
Breaking kneecaps is expensive though. You can't just set up a ring of roadblocks around a city that kneecaps everyone passing through as a matter of course.
> Breaking kneecaps is expensive though. You can't just set up a ring of roadblocks around a city that kneecaps everyone passing through as a matter of course.

Once you establish the willingness to break kneecaps, the number of kneecaps you actually need to break is fairly small.

That's true if determining whose kneecaps you need to break is either trivial (e.g. open dissidents and protesters) or can be easily achieved using social engineering (e.g. anonymous print pamphleteers). If doing so is a /technical/ rather than social task, and your technical cryptanalysis isn't up to par, breaking kneecaps is much less powerful of a deterrent because your hit rate will be very low. Breaking kneecaps to deter the use of encryption itself is another matter though.
Broken kneecaps speak for themselves, "I was tased, and it REALLY hurt! I was terrified and alone in the cold and dark, naked, for hours, I thought I was going to die many times!" is... harder to understand and harder to prove.
If you break someones kneecaps, you may get the information they have, but you will never get anything more. After that they and their whole network will take precautions, even going as far as never communicating electronically if required. Such bullying may also easily backfire, which limits its use.

A broken communication channel in contrast is the gift that keep giving. You can get up to date information that the opponent think is confidential as it happens, and they will not take precautions, and you can continue to use the information against them, giving you the upper hand. This is why NSA was so determined to keep their actions hidden.

You fail to grasp the key point here:

If the state cannot break your encryption, they will break you instead.

Which makes your whole argument sound like:

"I'm such a coward! Please take my private data, just don't hurt me!"

Belive it or not, but some people actually have balls to fight evil governments.

Really, it struck me as escalating to an implicit threat. Don't do anything that would actually undermine efforts at mass surveillance, like promote mass use of encryption, or something will happen to you.
The article seems to make the fundamental error of assuming that there is any middle ground between "unbreakable crypto" and "effectively no crypto at all".

If crypto can be broken, it will be broken, whether that's by state actors or by some kid in Mongolia who wants to make a quick buck by ransoming all your files.

I read this a bit differently, i.e.: "unbreakable crypto is necessary but not sufficient" && "unbreakable crypto alone has a paradoxical effect of decreasing privacy through political means."
Because it's not a fundamental error or indeed an error at all.

What you've just expressed is one of those fascinating pieces of mental junk that clutters up social groups, a political desire that's so strongly held you've managed to rationalise to yourself that it's a fact and not a personal desire at all. But it's still not a fact.

It is trivial to use cryptography in ways that yield some sort of balance between personal privacy and the needs of the state. In fact it's almost the default:

• Client-to-server encryption with central message routing is "unbreakable" against neighbours, friends, your employer (when not using their equipment) and most importantly criminals, but is easily accessed by any police officer who can serve a warrant on the provider.

• Disk encryption enforced by secure hardware like iOS, Android, BitLocker etc can easily be given a backdoor by the manufacturers. It's only a few pages of extra code at most.

And that's about it for "mainstream use of crypto up to about 3 years ago" right? It's only since Apple and Facebook started refusing to unlock devices and claiming (wrongly) they have end-to-end encrypted their service so they can no longer comply with warrants that this situation has changed.

That's not even including other techniques like key escrow, the dual-EC RNG that the NSA was pushing (with the interesting fillip that it's got a cryptographically strong "unbreakable" backdoor!) and a whole host of other tricks that aren't really used much (we think).

PHK's article even spells this out for you - Kazakhstan breaks the supposedly unbreakable TLS by simply insisting everyone configure their computer to allow them that ability, a feature well intended by the TLS designers.

The truth is that there's a vast middle ground between "unbreakable crypto" and "effectively no crypto at all" and it is in that middle ground the virtually all services we use today sit. Enough crypto is used to keep out ordinary criminals and snoops, but not enough is used to keep out determined governments with jurisdiction. The point the author is making is that attempting to pursue the ideal of unbreakable crypto (a) won't work and (b) will actually end up making privacy worse for everyone.

If there is a backdoor, that backdoor can be used by anyone that has the key. I do not trust a government to responsibly handle such a key, as it leaking once results in total failure of security for everyone.

A backdoored crypto system is a broken crypto system.

A backdoored crypto system is a no crypto system.
You can always mitigate the "failure for everyone" scenario. Plethora of government keys, for example, or rotating government keys, or rapidly expiring government keys... Anyway, they've managed to keep stacks and stacks of information secret for decades and decades. It seems like it could be managed. No one has stolen the cert for *.whitehouse.gov.

Sidenote, why do people call a second key a backdoor? To me, backdoor suggests exploit, not used-as-designed.

Because it involves trusting that no one made copies of the key, turning a locked door into a backdoor? Your mitigation ideas are sound though, and could also be used as a kind of rolling canary trap.
There are lots of examples of governments maintaining the integrity of keys over the long term. The e-Passport system is an example of that. Another would be that the NSA had the ultimate insider hack - literally a sysadmin who dumped their entire internal wikis and document stores - and yet it appears that no key material was compromised.

You can repeat "a backdoored system is no system" mantra to yourself if you like, but there are a LOT of threats that aren't governments and those are the ones people tend to care about the most.

Threats posed by government are much more profound than those posed by any other type of organisation, because governments have much less effective checks on their power.
While I'm not a fan of crypto backdoors - thinking of it, aren't all public/private key pair systems a form of backdoor? If someone leaks the private key then everybody with the public key are affected? Think root CAs or app store signatures as example. They manage to keep their private keys secret quite well.
It is trivial to use cryptography in ways that yield some sort of balance between personal privacy and the needs of the state.

But that's the point: we've seen that this balance doesn't exist, because if the service providers have access to the plaintext, the State will not contain itself to issuing case-by-case warrants - see Room 641A, "SSL added and removed here", etc.

The current move to encrypt everything is a reaction to the realization that the balance that was thought to exist, does not, and political participation is not sufficient because the information is kept hidden, so no informed political discourse is possible.

You're arguing with something different to what I said.

I pointed out that it's easy to design cryptosystems to be unbreakably strong against all adversaries except governments, and indeed can be unbreakably strong against mass eavesdropping by governments, yet still provide access on a case by case basis. And in fact this is the outcome of all kinds of natural and widely adopted designs.

You're arguing that governments won't content themselves with such access. That's a different question entirely. I think many of them would and that we're heading in that direction, more or less, where mass decryption of TLS isn't done by most governments and the era of GCHQ/NSA style bulk wire tapping slowly fades away, but it doesn't matter to them much because they can still warrant the other end and ultimately that's what politicians feel safe campaigning on.

it's easy to design cryptosystems to be [...] unbreakably strong against mass eavesdropping by governments, yet still provide access on a case by case basis.

Is it? How? Because that's certainly not the default that you referred to.

It's absolutely the default.

Imagine you own a webmail company. You secure your SMTP relays with SMTP-TLS (let's pretend it works well) and your client connections with TLS again.

Now your users are safe from random creepy flatmates, criminals with wifi sniffers, your telco and even mass government surveillance. But, governments can still serve a warrant on you to get email in a targeted manner, assuming they have a working MLAT process.

All you did was apply ordinary encryption to an ordinary website and you have that middle ground between "unbreakable to everyone" and "totally useless".

GP already replied to this exact claim:

But that's the point: we've seen that this balance doesn't exist, because if the service providers have access to the plaintext, the State will not contain itself to issuing case-by-case warrants - see Room 641A, "SSL added and removed here", etc.

The current move to encrypt everything is a reaction to the realization that the balance that was thought to exist, does not, and political participation is not sufficient because the information is kept hidden, so no informed political discourse is possible.

You use a weird definition of "mass surveillance" if installing a single tapping device that can snoop on every customer of a company (hundreds of millions, for the large providers) doesn't qualify.
No, I use the definition that makes sense given the Snowden documents: high capacity cable taps on the backbone itself, not FBI style taps on specific companies after getting the keys via some sort of court process.
OK, under which of them would you classify NSA's MUSCULAR program?
MUSCULAR is/was a codename for a UK based bulk cable tap.

It's easy to confuse that with the name of a programme to reverse engineer and analyse Google internal traffic (which is presumably now over as all that traffic is encrypted), and I made that mistake myself, but I was corrected on HN no less by someone who is closer to the leaks than I am.

It wasn't something done with the knowledge of Google or Yahoo, as evidenced by the use of reverse engineering of the data formats.

> adversaries except governments

Considering that governments are made up of people this would be quite a trick.

Regardless, even if it were so-- the objective would be to be unbreakable strong except to lawful and transparent actions of governments. The lawfulness of an action is undecidable by a cryptosystem. And we know that government frequently behave unlawfully.

Moreover, since cryptographic communications can be hidden very completely unless free access to computers and communication is almost completely suppressed; those who really want (and can afford) communications which are secure against government intrusion (lawful or otherwise) are able to obtain it. So the decision to purposefully weaken cryptosystems has the primary effect of amplifying unlawful intrusions by governments (and paries that steal the governments keys).

  Client-to-server encryption with central message routing [..]
will be abused by the NSA and anyone else that can get their hands on access. And no amount of politicking is going to change that, as it hasn't changed anything about their blatant disregard of the law thus far. BTW, 'anyone else that can get their hands on access' will include foreign nations and criminals.

  [..] can easily be given a backdoor [..]
that magically does manage to stay out of the hands of foreign nations and criminals, where all other backdoors thus far have been discovered and abused?

These arguments have a huge track record against them and I downvoted you for either acting wilfully ignorant.

How many of the NSA's backdoors have ended up in the hands of foreign nations and criminals, again?
To be fair, the NSA did have a very high profile incided where they were considering legally mandating a physical backdoor, called the Clipper Chip, until it was proven that the chip had a gaping vulnerability.

https://en.wikipedia.org/wiki/Clipper_chip

That's kind of proving my point, isn't it? They reacted to the vulnerability (decades ago) by not deploying it, and presumably learning some lessons.
All of them.
That's entirely unprovable, given that we have no idea how many backdoors the NSA has, nor for the matter, are we even sure how many have been leaked.
Of course it is, but note that my comment did not make any statement about NSA backdoors and anyone mentioning those is just trying to muddy my argument by acting as if it did.
Yeah, implied subject is a thing, implied predicate less so in common parlance.
Clipper chip is the classic example...
So far, as far as we know, 100% of them. We'll need more data for an accurate picture.
> How many of the NSA's backdoors have ended up in the hands of foreign nations and criminals, again?

Good timing, the day after your message-- there were dozens of them posted to the public with a suggestion more may go to the highest bidder.

https://www.washingtonpost.com/world/national-security/power...

“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.” Said a second former TAO hacker who saw the file: “From what I saw, there was no doubt in my mind that it was legitimate.”

If the other example I gave wrt dual_ec drbg wasn't enough.

>Enough crypto is used to keep out ordinary criminals and snoops, but not enough is used to keep out determined governments with jurisdiction.

So not enough crypto to prevent absolute centralization of power by the institution with a monopoly on violence.

Not necessarily. You don't need to introduce compromised crypto (that's exactly the problem that's happening currently). I think the point of the article more shows that by using TLS everywhere the government is incentivized to attack it a lot more.

This isn't just governments either. Corporations do things like proxy HTTP traffic to cache pages and save on bandwidth (some ISPs do it too). By moving that to HTTPS traffic you are removing the ability to do this, and that gives them an incentive to do things like install root certificates for all their devices. Now your banking website has it's traffic sniffed as well, all in the name of caching the youtube videos that get distributed around the office.

That's like saying there is no middle ground between product X being free and being infinitely expensive. Even if product X has a price I can afford, I have to consider the trade-offs between buying it and other uses for my money. If it's free, though, there are no trade-offs. If somebody can break my crypto, fine, but I want them to expend valuable resources on it so they won't do it for shits and giggles.
Nobody really knows the correct answer and I think that's the reason communication is failing between the government and the tech sector.

I think we have to realize that some transparency into private lives is needed to have a proper society, and the anarcho-capitalists want full privacy from the get go and then increasing transparency as needed for society, while government is kind of hovering on the "we need transparency everywhere for any arbitrary reason because we don't know when we'll need it", and this is a difficult position to hold.

I think unfortunately if we are to have a government, we need to do the latter, because the government can't intrude on privacy NOR punish people without evidence or at least minimum cause, while in a completely private anarcho-capitalist society the individuals who don't comply can be punished indirectly with exclusion and isolation from society. Personally this seems like a pretty crappy way to do things but that's a post for another time.

Absolutely disagree.

A) Even when the government has the data to stop someone, they don't: https://theintercept.com/2015/11/18/terrorists-were-already-...

B) Outlawing crypto just doesn't work. You can't outlaw math. You can try all day long, but that only hurts the masses

At some point, you have to realize that breaking encryption has nothing to do with safety, but is all about power.

a) I don't want to comment on that intercept piece because there is clear bias there and I don't have all the facts.

b) I think actually the FBI is mainly talking about the defaults in software, like how Apple enabled strong encryption for any user. Defaults matter when you consider the 95% of people who would not otherwise use encryption, including all kinds of criminals. I think everyone realizes you can't remove encryption from the face of the earth, it's just not doable and not worthy of discussion and that's not what I'm talking about. The FBI is doing this because they try to reverse the Apple defaults and don't really have any other way. The next step is to "have the debate" but as we can see that is incredibly difficult.

Regarding your last point. Sure, that's one way to talk about it, but if it is the case that it's all about power, then why do we even have governments? All the trust is broken and we are essentially asking to be left alone to solve crimes that happen in our neighborhoods. The government and the FBI / others are supposed to work FOR us, for society as a whole, based on the laws we vote for/lobby for. They aren't meant to have their own will and goals like "power". Only private corporations and individuals want power, that's what the whole point of this government thing was in the first place.

B) The FBI is certainly not talking about only defaults. They have said that they don't want unbreakable encryption anywhere.

> They aren't meant to have their own will and goals like "power".

Yet they undeniably do. Pretending that they don't is sheer naivety.

I'm not much of a political theorist, but we have government because we tend to trust them more than the average mob. They aren't infallible though, and we need checks and balances to keep them in place.

> The FBI is certainly not talking about only defaults.

You are right that considering the whole history of encryption and the FBI, they don't want it anywhere, but as James Comey has himself said, this debate kicked into high gear late 2014 when Apple started with the default encryption, and law enforcement saw an increase in devices they couldn't get into. I think if strong encryption had been on the outliers as it was before that time, we wouldn't have seen this issues raised by the FBI in this manner. I think it is undoubtable that the default is a big reason for this because if many companies start to follow suit, it can have real consequences.

Even though James Comey's proposal of wanting "both strong encryption AND government access" probably came from a place of ignorance of the technology, I do think there is a debate to be had there about securing servers with keys or whatever else just like Google and Facebook and Apple are expected to secure all their other data. Right now, it is completely out of the question when you ask a tech person, because of lack of trust.

> They aren't infallible though, and we need checks and balances to keep them in place.

Absolutely, the way I like to look at it is basic costs and benefits, pros and cons.

There are real harms to strong encryption, whether one would like to admit it or not, so the point is to weigh the costs and benefits and go from there. Right now encryption seems more like a religion, a last bastion of freedom or something. Maybe there are other ways to have accountability.

And we wouldn't have kicked privacy into high-gear if government agencies had proven themselves trustworthy. But they abused their powers, and here we are. I hate saying "they started it", but... they did.

> There are real harms to strong encryption, whether one would like to admit it or not, so the point is to weigh the costs and benefits and go from there. Right now encryption seems more like a religion, a last bastion of freedom or something. Maybe there are other ways to have accountability.

Oh, there absolutely are cons, I don't see anyone saying otherwise. But, just statistically speaking, there is vastly more harm in not having strong encryption. The cost/benefits are so skewed to one side, it's not even really a discussion. Maybe there are other ways to have accountability, but I have yet to see a viable one.

This is becoming a super long thread now but I want to say I understand your points, that's why this is difficult to discuss.

What I see is that if evidence collection becomes seriously hampered because of strong encryption, then hacking, backdoors and surveillance will have to go up to compensate, and that's not a good situation either. If there comes a point where a large percentage of pedophiles, 'common criminals' and others can't get convicted because of default encryption (the evidence is on their phones), then the FBI and police will move to other methods, like the aforementioned ones. Because of this, I'm not sure your last point holds:

> But, just statistically speaking, there is vastly more harm in not having strong encryption. The cost/benefits are so skewed to one side, it's not even really a discussion.

Maybe we just haven't seen the actual consequences yet. Unless the FBI and the police are lying, then it will get worse as time goes on.

Here's a quote by Comey

http://www.msnewsnow.com/story/32698131/fbi-chief-calls-for-...

> Speaking Friday at the American Bar Association annual conference in San Francisco, James Comey said the agency was unable to access 650 of 5,000 electronic devices investigators attempted to search over the last 10 months.

Barring some bigger discussion about government power altogether, this seems to be the issue we are facing. I also want to say that it's not just about conviction and putting someone in jail. Sure in a lot of these cases, there will be other evidence and other things to nail them on, but it's also about revealing the full scope of a crime and not just a harsher crime. In the name of justice so to speak.

> What I see is that if evidence collection becomes seriously hampered because of strong encryption, then hacking, backdoors and surveillance will have to go up to compensate, and that's not a good situation either.

I don't see why it should. Encryption isn't taking something away that the government has always had, it's about taking something back that they never should have been collecting in the first place, and evidently don't know how to use properly anyway. Just because we've taken away their new toys doesn't mean they get to continue to abuse the system.

> Maybe we just haven't seen the actual consequences yet.

Really? I've been pretty civil with this, despite my inclination that you are just trolling, but I can't even take this part seriously.

> Unless the FBI and the police are lying

Either they are being malicious, or they are being ignorant. I'm not sure which is worse. But we have plenty of evidence that they are and have been lying.

You keep framing this discussion as though it's reasonable they are the good guys looking out for everyone, but there's just too much evidence that this isn't the case.

EDIT: > 650 of 5,000 electronic devices investigators attempted to search over the last 10 months

How many conversations about crimes were had in private that they couldn't record? I'm guessing many more than 5,000. Does that mean we should ban non-transcribed conversations?

> I think we have to realize that some transparency into private lives is needed to have a proper society, and the anarcho-capitalists want full privacy from the get go

This is almost a non-sequitor. If your private life is transparent then it ceases to be private. You're in fact advocating no private life. I strongly disagree that this position would be good for society.

It's funny how you'd think you have to be an 'anarcho-capitalist' to want privacy.

The rest of your comment is a strawman, whatever your feelings about 'anarcho-capitalism' is irrelevant to having a right to privacy.

> You're in fact advocating no private life. I strongly disagree that this position would be good for society.

No, I'm not advocating for anything per se, I'm just bringing up opposite points of view. I don't have an easy answer either. Second, no privacy is what has been the standard since governments started. There has been no technology that has been able to make some aspect of reality 100% private, other than the decay of physical objects over time, essentially erasing the evidence.

The fact that we can have permanent 100% private aspects of life is a brand new thing, and thus must be discussed in that manner. That's why I brought up the extreme of anarcho-capitalism - not to speak against it but as a counterpoint to what we have now/what has been.

"No privacy" has certainly NOT been the standard. Before the information age, people were more likely to communicate extremely private information in person. Until the invention of microphones, this communication was most certainly private if you could avoid eavesdroppers! Now, with everything from TVs to phones to lampposts listening in, this type of communication carries less of a privacy guarantee, but it's still one of the only methods to obtain actual privacy under the right conditions.

So let's all go back to in-person conversations, right? It's not that easy. Friends and loved ones no longer live as close as they once did, as technology has allowed us to stay connected at greater distances. This means that our options under the current state of the world are (a) keep sensitive information away from our trusted confidantes until we see them in person, whenever that is, or (b) get used to the idea that sensitive information could be exposed. Either one of these options brings with it increased psychological stress. This is a big reason why people want "unbreakable" security, and there's nothing nefarious about it!

> "No privacy" has certainly NOT been the standard. Before the information age, people were more likely to communicate extremely private information in person.

The first problem with this is that influence and power in society is proportional to how many people a person has access to and is around in some way. So yeah you could be private before but you couldn't do nearly the same damage or have the same influence without having people around. Technology empowers people across the world while at the same time potentially leaving no trace. The second problem is that communications is one thing, but evidence and 'data at rest' is another. Things like sexual abuse pictures, financial logs like cryptocurrencies, gps coordinates of where you've been, app logs in your phone and whatever else that may serve as evidence. In the old world, you had no choice but to burn or bury that evidence, but that also eliminates their usefulness to the criminal so there's a choice to be made by them before they destroy it.

Basically in the old world you had physical items in a physical world, observed by the people around you, and your only friend was physical isolation, physical obfuscation (burying, using a safe, both of which aren't 100% private), or the decay/destruction of the physical items. Today you have pristine copies at global scale with 100% privacy and this is far more effective.

ffwd said that you needed to be an anarcho-capitalist to want absolute privacy. To have a "proper society" (one where government can arrest murderers, say), you have to have some transparency. (Because if I'm a murderer, and I do the murder in the privacy of my own home, and there is absolute privacy, the government can't ever find out, much less prove, that I did it.)

For the proper functioning of government for the legitimate benefit of society, there is a balance between privacy and transparency. The government is going beyond that balance, seeking more transparency. The anarchists go the opposite direction, seeking more (preferably total) privacy. Neither is in the public interest.

A third possible position would be the government stating "we need transparency everywhere, including for ourselves"--I would be that people would be much more accepting of transparency when government is totally transparent in return. For many reasons, governments are reluctant to take this position.
(comment deleted)
All of the things the governments are trying to do won't (and shouldn't) work though. We can work around their attempts.

If the government wants data, it should get it at rest not during transmission. They can get a warrant to get the data store that your data is residing on. If they can't get what they want because that is encrypted then they can try to legislate all they want but it is pretty much impossible to stop someone from encrypting something at rest, especially considering the existence of the open source and open hardware movements.

It sure makes for a nice contrarian opinion, but fighting politically vs technically is a needless dichotomy. At least this post attempts to back up this assertion, but it seems a quite handwavey to assume that because eg a protocol contains key escrow, that governments aren't still going to want to preemptively read, archive, and datamine the cleartext.

Yes, all governments. Because governments, even democratic ones, fundamentally desire power. The best political argument we have is getting working strong encryption into the hands of everybody and making them appreciate the security it gives them. Presently, they have no choice about being personally surveilled, so they might as well lobby for everyone else to be surveilled as well.

As an aside, HTTPS is easy to coopt by network operators because it is a terribly naive protocol:

- fingerprintable, even going so far as to put the site name in the clear!

- naming system that assumes unfettered Internet access

- generally requires communication for every micro action

- crypto keys are disconnected from naming, requiring binding together by ambient third party

- naming system based on specific servers inevitably leading to centralized data silos that will be governmentally or economically coopted

(Yes, the problems are centered around naming. It's one of the 3^h2 hard things in computer science, yet is easy to ignore when focused on the details of transferring data)

> The problems are centered around naming.

What's that expression? "All problems in computer science are ultimately about naming."

There are only two hard things in Computer Science: cache invalidation and naming things. -- Phil Karlton

Variant: There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors.

You can solve cache invalidation by doing naming right. ;-)
I'd put it a different way. Encryption and other forms of good security force surveillance out of the shadows. Without it we wouldn't know what Kazakhstan is doing.

If the law requires a warrant to access your GMail account, good security is why law enforcement has to get a valid warrant and send it to Google to get access.

Done right, it's not a substitute for politics. It enables politics. It allows agreements on checks and balances to be enforced rather than letting state hackers do what they like.

We all like end to end encryption though. In fact, most people call it the pinnacle of crypto done right.

And yet, it completely circumvents any warrants.

And yet, it completely circumvents any warrants.

No, it just means the warrant must target one of the ends.

I don't think e2e crypto circumvents any warrant, in fact it makes it very similar to a warrant for a physical thing at your house.

An analogy:

Gmail is like having a safe at your bank, if the police want something in it, they get a warrant to search your safe. E2E Crypto is like having a safe at home, if they want something in it, they get a warrant to search your house.

So I wouldn't say it circumvents any warrants, it just changes who is served said warrant.

Except, the safe in your house can be cracked on a judge's order. Your encrypted machine, on the other hand, does not listen to judges.

Ergo, the FBI-unlocking-dead-guy's-iPhone thing, and the key-disclosure thing.

> Your encrypted machine, on the other hand, does not listen to judges.

My machine doesn't, but I do, unless I am willing to face the consequences of being in contempt of court.

Which many members of conspiracies would be more than willing to do, hindering the investigation of organized crime, and (genuine) terrorist cells.
That's why we have laws to punish them.

If your argument is that they're willing to face the consequences in order to perpetrate their greater crime, then (respectfully) you've missed two crucial points:

1. US legal tradition wholeheartedly rejects the goal of absolute security. Better to suffer a few terrorist attacks than live in a surveillance state (yes, yes ... I know... not the point...)

2. Deterrence, in general, doesn't work against self-sacrificing adversaries. Even if crypto were outlawed, terrorists would still use end-to-end crypto, and refuse to comply with a court order to decrypt.

Being held in contempt is a very light sentence. Moreover, when a defendant refuses to comply, consequences can only be coercive, not punitive. That means that, e.g. imprisonment is limited, because if 1 year in prison isn't going to coerce you, neither will 10 years.

The great issue here is the total unbreakability of crypto when compared to e.g. a safe. Before this, all we had was human memory which is very limited.

With end to end crypto, if the government wants something from me and has acquired a warrant for it, they are still reliant on me to produce the decrypted data, but I refuse it they can hold me in contempt of court. It's not like they lose all leverage.
Where does it say that the government has the right to expect the evidence obtained from a warrant to be useful?

If the government can't do their job effectively with the presence of strong, pervasive encryption, that's their problem. The right of the people to be "secure in their persons, houses, papers and effects" is non-negotiable (at least in the US, barring a Constitutional amendment.)

They have the right to serve a warrant for my phone, and I have the right to hand them an encrypted phone. There may be circumstances where, legally, the government can demand a password, or pay for an exploit, and that's fair enough. But I don't believe any government does or should have the right to demand that encryption not exist, or that it should be fundamentally broken.

>Where does it say that the government has the right to expect the evidence obtained from a warrant to be useful? If the government can't do their job effectively with the presence of strong, pervasive encryption, that's their problem.

This is patently absurd.

US courts have, time and time again, upheld limits on the 4th amendment pertaining to the risk that evidence might be destroyed. The textbook example of this can be found in the so-called "motor vehicle exception". This exception holds that because of the inherent mobility of automobiles, there is exigent cause for a warrantless search, since evidence may trivially be destroyed, obfuscated or hidden.

>The right of the people to be "secure in their persons, houses, papers and effects" is non-negotiable (at least in the US, barring a Constitutional amendment.)

The 4th amendment protects against unreasonable search and seizure, not warrantless search and seizure. Granted, a warrant often (but not always) renders a search/seizure reasonable, but a warrant granted absent probable cause is invalid.

Further, there are other well-established cases in which warrants are not required for searches and seizures. Three such examples are (1) Terry stops (2) the "in hot pursuit" exception (3) the "plain view" exception [0].

Hell, the text even states it plain as day:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The only mention of warrants is that they are only valid if issued based on probable cause, supported by oath or affirmation, and are specific.

>They have the right to serve a warrant for my phone, and I have the right to hand them an encrypted phone. There may be circumstances where, legally, the government can demand a password, or pay for an exploit, and that's fair enough. But I don't believe any government does or should have the right to demand that encryption not exist, or that it should be fundamentally broken.

I agree with one caveat: while I would hope that phone-decryption would be subject to a warrant, it's unclear whether or not this is constitutionally required. We may well see a "mobile electronics exception" appear. You and I might not agree that it's a good idea, but prima facie, there is a legal basis for such a statute.

[0] http://nationalparalegal.edu/conLawCrimProc_Public/Protectio...

Nope not any just subpoena the person who owns the keys...
Encryption is political engagement. Loosely translated, TLS and PGP have historically been computerese for "get a warrant."

Of course the deep state will use politicians to assert its power, and if politicians do not work for us instead, people will use networks, technology, and trade (or the alternatives) to defend their freedom.

It is a reasonable question to ask, how long does a typical nation really maintain its territorial sovereignty, and which ones are outliers?

Kamp misinterprets the fact that because some states have begun to fight means that they will win. It does mean, however, that crypto facilitates freedom, and it forces the discussion in regard to the limits on elite powers. The crypto genie is out of the bottle. It is on states to rethink how they engage, not us.

I think this point of view isn't just wrong it's actively harmful.

It completely ignores what happened - which is that various government agencies skirted around constitutional law, subverted public discussion of the matter [0] and have still not been brought into adequate compliance (Since it's incredibly hard to demonstrate standing and not have the case squashed [1]).

And after all this the author is saying the problem is that the users aren't part of the political process? I would say until powers and programs employed by government agencies are brought into accountability (let's not forget the CIA monitoring the computers of it's own oversight committee [2]) and a transparent debate is allowed to take place, there is precisely nothing better to do and encryption everywhere is precisely the correct populist and democratic way to fight it.

>Just this past week Kazakhstan announced that a "state root certificate" would have to be installed on all computers wanting to use SSL/TLS/HTTPS out of the country.

Yes backwards nations like Kazakhstan might be implementing "state root certificates" but this is just clearly demonstrative that the power is on the side of the users in this debate. Isn't having these kinds of crazy measures on ballot in Western countries precisely forcing the political process the lack of which the author of this paper is criticizing?

[0] http://www.forbes.com/sites/andygreenberg/2013/06/06/watch-t... [1] https://www.eff.org/cases/jewel [2] https://theintercept.com/2014/03/05/congress-intelligence-co...

I think a very important point was raised though.

Before crypto, basically all guarantees where conditional on a judge's say so. With crypto this changes. The issue also comes up, in a clearer way, with crypto currencies. There is no way to deal with fraud or mistaken tranfers in bitcoin.

That loss of intervention hurts, and we gotta think about it. Even though no government has given a satisfactory solution, that doesn't mean there isn't a problem in need of solving.

Before crypto, basically all guarantees where conditional on a judge's say so

Tell that to J. Edgar Hoover.

That just shows they were conditional on things beyond a judge's say so. I.e. security can also be broken by people willing to break the law.
One day I will actually see someone write a response starting with "that just shows" that doesn't boil down to "My being wrong shows that I'm actually right. Somehow."
>There is no way to deal with fraud [...] in bitcoin

Don't we have an extensive legal system to deal with fraud? The fact that a lot of payment providers elect to deal with fraud themselves probably shows that that legal system isn't working as smoothly as it should; but that's really something that should be fixed in the legal system, not in the payment channel.

Part of the way the legal system deals with fraud is by recovering money (where possible). With bitcoin, unless the destination wallet can be obtained, that is not possible.

With cash, you seize the cash. Bank accounts can be frozen, Credit card transactions canceled, wire transfers flagged (http://www.npr.org/sections/money/2016/01/29/464859624/episo...).

With cash, unless the wallet in which it resides can be obtained, that is not possible. I fail to see the difference.
I agree, the legal system doesn't do well when it comes to recovering cash from entities that can hide it. You can get a legal judgment against a company, but if it's fly-by-night, it winds up being a worthless piece of paper, and can become very difficult to recover.
The law does actually have ways of extracting cash from people even when it can't locate the cash in question. It's harder, and less effective, but overall it works more than it doesn't.
It's much harder to hide 500,000 dollars in small bills than it is to hide Bitcoin.
Hiding a wallet is much easier. You can even have several copies of it, so that you can hide it so well that you do not even care if you lose it.
Law enforcement has well-developed capabilities to surreptitiously follow the movement of people and objects through the physical world and wield whatever force necessary to sieze them where desired.
Bitcoin moves much faster and much further that cash though.
> Before crypto, basically all guarantees where conditional on a judge's say so.

Sadly, they weren't.

> With crypto this changes.

Actually, with crypto it is much harder to claim that a judge's authorization isn't required to even try to subvert the privacy intent.

> There is no way to deal with fraud or mistaken tranfers in bitcoin.

There's no way because legally the system (for the most part) considers it outside the scope of fraud laws.

> That loss of intervention hurts, and we gotta think about it.

TLS doesn't create a real loss of intervention. It requires that the intervention be far more explicit and/or targeted.

> with crypto it is much harder to claim that a judge's authorization isn't required to even try to subvert the privacy intent.

No doubt, but the issue is that a judge's authorization can be ineffective in the face of crypto.

> TLS doesn't create a real loss of intervention. It requires that the intervention be far more explicit and/or targeted.

That targeted intervention is really easy to block for those who want too. All it takes is not revealing a key/passphrase.

> There's no way because legally the system (for the most part) considers it outside the scope of fraud laws.

Not just that though, it is also impossible because the conditionals introduced by a court system are very hard to encode in a crypto system, even more so if you want to do this and be able to retain trust.

> No doubt, but the issue is that a judge's authorization can be ineffective in the face of crypto.

Only when it should be. Crypto just means you need a secret to access the data. If you can't compel the secret, why should you be able to compel the data?

> That targeted intervention is really easy to block for those who want too. All it takes is not revealing a key/passphrase.

You say that like it is an easy thing. Try keeping your key/passphrase protected against an adversary that can replace/intercept your keyboard, your touch screen, your mouse, your network, etc. It's just a lot more intrusive and a lot more work, which is why it has to be far more explicit and targeted.

> > There's no way because legally the system (for the most part) considers it outside the scope of fraud laws. > Not just that though, it is also impossible because the conditionals introduced by a court system are very hard to encode in a crypto system, even more so if you want to do this and be able to retain trust.

Those conditionals were all choices made by the legal system. Those rules can always be changed if so desired. If they aren't... maybe it is because they shouldn't be. ;-)

This point is a tired falsehood. There have always been phenomena with physical rules that supersede any human decision. The legal system recognizes and works with such boundaries - some even end up codified in our highest laws such as the 5th amendment.

We're only in this present quandary because of professionally irresponsible "web 2.0 services" that siloed up user data for their own surveillance goals, creating enticing targets for governments' desires of control.

When everything is decentralized, it's going to be much harder to enforce any rules about no-crypto. For now things like social networks are cenetralized, leading to all these temptations to mine the data. It's not just government who wants youd data - it's every organization!

http://magarshak.com/blog/?p=169

Until very recently 99.99% of conversations where completely private and society functioned just fine. Even with crypto everywhere the governments have far more access to what people say and do than they had for thousands of years.

People with power pretend if they just had more power everything would be better. But, reality is if everything on a computer where private not much would change.

> Until very recently 99.99% of conversations where completely private and society functioned just fine.

Until very recently, most conversations were plausibly deniable, and off the record. The internet and cryptography changes that.

Edit: [Both plausibly deniable in the formal/cryptographic sense, and in the informal "You're misremembering, there's no record in writing of me saying that" sense]

> The internet and cryptography changes that.

By Internet, I think you mean phonographs, magnetic tapes and pocket recorders.

Cryptography brings some of that back.

To get access to those, you needed warrants, and you didn't get to listen in on every conversation, only targeted conversations. On the Internet, you have full access to pretty much everything I've ever said to somebody.

They aren't equivalent.

> Until very recently 99.99% of conversations where completely private and society functioned just fine.

In fairness, until very recently it was also extremely difficult for two people to privately plot to murder hundreds. Technology has changed the balances on a lot of scales.

To be clear, I'm not advocating for government back doors in encryption here. But I am saying we should not pretend that encryption just puts things back "the way they were". It most definitely does not.

> until very recently it was also extremely difficult for two people to privately plot to murder hundreds. Technology has changed the balances on a lot of scales.

Was what McVeigh did highly technical?

It was dependent on having modern technology, like a truck and cheap fertilizer; it's a lot harder to kill 168 people (and wound almost 700) with an oxcart and a crossbow. Even with a carriage and black powder you need a _lot_ of people to be in on the plot. (Black powder was not cheap, not deniable, and not easily transported or concealed.)
What about poison? or fires? I'm sure there's other means I can't think of right now

Modern tech has made it a bit easier, but it was still fairly easy throughout most of history.

It was not easy to get enough poison to kill hundreds. You get some hemlock, dump it in a well, and it dilutes enough that a dozen people get stomach aches and one elderly person dies. It's feasible to pull this off on a larger scale, but you'd need a lot of poison, and therefore a lot of resources.

Fires? I'm not sure it was that easy to set an out of control fire that would consume enough of a town to kill hundreds. Does everyone just fail to notice as you splash pitch on buildings all day leading up to the final act of starting the fire at night?

Pitch, or indeed much premeditation at all, wouldn't be necessary in a village with five foot alleyways and dried grass roofs. Additionally, tar was a common caulking material. Oh, and running water/chemical foam wasn't usually a thing. And, you know, no trained quick response teams, or well maintained roads and swift transit systems to escape on, or any way to tell the difference between the smoke that always hung around the fireplace and the smoke from the roof being on fire... I could go on.
Face it people -- terrorism is a problem of technology.
Exactly. Primarily the technologies of mass media and democracy.

Of terrorism, the newscasters on TV who sensationalize the act and the politicians who fan the flames for their own benefit are just as guilty as the person who blew themselves up.

(Though obviously, only the latter is guilty of murder)

I take your point, but I think it's important to distinguish two issues that are raised by modern technology here.

One is about information. Modern technology allows new kinds of communications and learning and collaboration. It also means that for the first time it is technologically feasible for governments and other powerful organisations to monitor entire societies pervasively.

Another is about automation and efficiency and scale. Modern technology allows individuals or small groups to do many wonderful things. It also potentially allows individuals or small groups to cause far more damage than they could before, whether that is physical, emotional, economic, or any combination of those.

There is a certain amount of overlap. For example, some of the implications of widely distributed surveillance are concerning, but some of the implications of not just monitoring but actively influencing large groups of people by modifying (overtly or otherwise) the information and communications they receive are downright terrifying.

However, I think these are two quite separate issues in principle, and they each introduce risks of their own along with the benefits. Encryption is the counter to one form of risk in the communications area, and in that sense it does roughly speaking bring back the privacy that everyone used to enjoy automatically. Restoring that privacy necessarily means that bad people can use those communications channels to discuss doing bad things as well, but they could discuss those things in other forums instead if they needed to. We need other ways to control the risks of new technologies enabling larger scale threats, regardless of what we do about communications and encryption.

What are you talking about? There have been plenty on bombings and shootings for hundreds of years.
200 years ago there were "plenty" of bombings and mass shootings orchestrated by groups of 1 or 2 people that resulted in hundreds of lives lost? Can you provide a few examples of this?
That's a rather artificial limitations, few modern plots are from 1 or 2 people with hundreds killed. Historical examples are generally things like fires not bombings / mass shootings. As an example of the risks: https://en.wikipedia.org/wiki/Great_Fire_of_Meireki for example was extremely deadly, though estimates of ~100,000 dead where probably exaggerated.

We have also forgotten a lot of this crap. EX: 40 to 81 people killed from a time bomb in 1875. https://en.wikipedia.org/wiki/Alexander_Keith,_Jr. Note, this was for insurance money not terrorists, but I don't think the dead care.

Some historical examples where donations where probably accidental. The Delft Explosion of 1654 killed 100-200 people. In 1769 ~3000 people where killed when a depo @ Bastion of San Nazaro in Brescia was struck by lighting. A lighting also sparked another detonation in 1856 killing ~4,000.

Not to mention smallpox and other infectious diseases where one person could kill thousands easily, even if unintentionally (with some instances intentional).
> That's a rather artificial limitations, few modern plots are from 1 or 2 people with hundreds killed.

I've heard small conspiracies called out to justify mass surveillance. You don't really need mass surveillance of your own citizens unless you are concerned about very small conspiracies. Bigger conspiracies can be uncovered with more traditional detective work.

Freak fires are also not a great example. An arsonist cannot cause hurricane force winds to assist and push a fire through a city. This is effectively an act of God. The time bomb is a better example, though again I would ask for evidence that this was a fairly common event the way mass shootings and similar terrorist attacks have sadly become.

> I've heard small conspiracies called out to justify mass surveillance.

The fact that something is a convenient and effective narrative for propaganda purposes doesn't mean it is a significant and common threat.

200 years ago world population was 1/10th what it is today making most events more common now. Something like 5% of everyone ever born is alive right now.

In terms of most kills by a single person one sniper is credited with ~700 kills and a mounted knight in plate was expedition to equal 100 peasants on average so 200+ in exceptional cases seems reasonable especially considering the Spanish conquest of South America where in the 1500's where ~300,000 vs 2000 and the 2000 won with minimal casualties. https://en.m.wikipedia.org/wiki/Spanish_conquest_of_the_Inca...

Mandela spent 20 years in jail for plotting to blow up a hotel, I believe? And that was nearly a century ago.
Your timeline is skewed. Mandela was born nearly a century ago. His involvement in bomb conspiracies was in the 1960s, about a half century ago, when most conversations were not guaranteed private. Wire taps have been around as long as phones.
Gunpowder plot of 1605 is a rather famous counter example: https://en.wikipedia.org/wiki/Gunpowder_Plot
That's really not a counterexample to my point. This was a conspiracy involving over a dozen people. It's a plot that unraveled because someone leaked the details.

This is why technology has changed the balance. You don't need dozens of people to gather enough explosive material to pull this off today. And with fewer people involved, traditional detective work is harder, and those involved are less likely to leak details.

There are plenty of accidental detonations that killed hundreds which could have easily been caused by just one person as noted in another post. Though, wartime sabotage is not exactly terrorism.

Again, if you want to kill lot's of people disease, and fire where the most common historical examples. It's actually much harder for a lone person to kill thousands today than it was 500 years ago due to effective methods of firefighting.

When you talk about two people plotting to kill hundreds, do you mean any two people or do you mean two people who are otherwise physically apart but are brought close together by technology? Coz if the medium of communication used by your two would be mass murderers is VoTA (0), that technology is as old as human beings.

0. Voice over The Air. :-)

> There is no way to deal with fraud or mistaken tranfers in bitcoin.

This is a social problem of bitcoin. The bitcoin people consider this a feature.

However, it can be dealt with at an exchange. "MyBitcoinExchange(tm) only allows transfers to other members of MyBitcoinExchange(tm) and yourself. All transfers will be escrowed for 5 days to ensure that they are not fraudulent."

The problem is: nobody in bitcoin would use that exchange.

People who want non-traceable will stay away. People who are using it to sequester wealth out of countries will stay away. People who want fast liquidity will stay away. etc.

So, who's left? Um, people who are perfectly adequately handled by existing credit cards, thanks.

> With crypto this changes.

It shouldn't. Listening in on a conversation should be illegal whether or not the conversation is encrypted. But we realized that if we weren't encrypting our conversations that our rights were being illegally infringed upon, so we started taking matters into our own hands.

Well, two things:

1. I've always maintained that privacy is a political and social problem, not just a technological one. Nothing stops a more powerful actor from breaking encryption with a rubber hose if they really want to. Technological solutions are still needed since there's a variety of actors involved, only some of which will obey the political doctrine.

2. I often wonder if encryption will make us think of privacy a bit like we think about rule breaking in sports. Since there's an official, we assume that you can break the rules if you don't get caught, at least on the field. There's no ethical pressure to "do the right thing" because we've offloaded that burden to the officiating crew. Has technology become a bit like the official in this case? Our physical spaces have strong and protected rights, at least in the US, but our digital ones do not, and that may be because we are protecting them in other ways.

How does a rubber hose work when the people are talking via Tox or via .onion sites?
Rarely does encryption exist in a complete vacuum. Just as we cannot necessarily listen to every one on one conversation, those conversations become important when related to something occurring withing the "physical" world. I think we've seen that Tor does not protect you from someone who's determined to find you (see: Silk Road).
Indeed, at least with Tox, all I need is a separate key exchange, somewhere. In person works wonders. So does random email, or instant message, or you name it.

At least for communications that need that layer of security and anonymity, it's certainly there. And as I implied, rubber hoses won't work on anonymous and encrypted digital identities "somewhere else".

At least regarding Silk Road, that's because he made amateur mistakes by posting his real name and then changing it on StackExchange, about making a e-commerce .onion website.

And that was the beginning of his fuckups, with the final one by paying for an assassination attempt.

> And that was the beginning of his fuckups, with the final one by paying for an assassination attempt.

That's my point. At some point he needed to leave the digital world and live in the real world. There is no perfect false identity, not one that does anyone any good. Whether you are looking to overthrow a regime, sell drugs, or just keep your recent pregnancy on the down low, at some point that leaves the digital space and enters meat space. It's at that point that powerful actors can get what they want from you.

Encryption might help you evade detection, but it is not a guarantee of privacy, even for a regular person.

Believe it or not, I expect we agree in the end. The existence of encryption is precisely why dragnetting doesn't work for catching actual bad guys. What brought down Silk Road was old fashioned police work. Get people on the inside, record some chats, get some warrants and so on. They seized him after he had decrypted his laptop, even. It's also precisely why I think political solutions are going to be the most effective in the end. The expectation of privacy we have established outside the digital space (say, no wiretapping, no illegal searches or arrests) still gives tools for protecting the public. Perhaps we need to somewhat tweak those tools for the digital world, but that doesn't mean we need to give the government the keys to our house.

I think OP was talking about torture in order to obtain keys.
And the GP is asking who will be tortured if you can't get the identity of the interlocutors.

You can even hide that a conversation took place.

They might own a significant share of Tor relays and exit points, likewise for Bitcoin.
I've also worked on quite a few methods of using Tor and Hidden Services, where my whole network is in .onion .

I can send data to .onion addresses natively via DNS ( https://trac.torproject.org/projects/tor/wiki/doc/LinuxDNSre... ). I can also receive data from Onions as well.

Right now, I have Node-Red communicating data from my IoT infrastructure, publishing data to my MQTT broker elsewhere (my server onion). I have my 3d printers in another place, and part of the MQTT data is pictures and GCode readouts from them.

It sounds complicated, but Hidden Services allows me to treat a network of disjointed machines (all behind NATs) to be thought of as being on one huge ethernet hub. And I can code against an [hash].onion and know that my data will reach that machine, no matter the IP.

Oh, a purely tool based solution to privacy has failure built in to it. It's a necessary component of a larger system.
Rubber hoses don't scale. With our technological solution, we make it so that the government can't access 99.9% of all conversations. If they want to access a conversation here or there, they can use a rubber hose. But if they want to see every conversation in a person's social network (including conversations they weren't directly involved in), then they aren't going to be able to do that anymore.

Technology helps a lot. It brings us from a panoptikon to a situation where enforcement has to be done on an individual basis. That's a big win for freedom in my book.

This is an important point that the author, even in his comments in this thread, has no answer for beyond scaremongering that "the state" will "break" us all. You can't secretly beat everyone with a rubber hose to let you spy on them.
I agree that this point of view is actively harmful. Users not being part of the political process, realistically, is part of the political process design. The average user doesn't have the time or money to lobby like a corporation with clear financial incentives to inhibit Progress in Congress.
To "backwards nations" you can add the following, all of which have floated laws to weaken/backdoor/ban crypto:

France

UK

USA

Russia

This is a disappointingly defeatist perspective on the new crypto wars: unbreakable encryption is why we can't have nice things. I would rephrase most of his examples with the old saw: if you outlaw encryption, only outlaws will have encryption.

Since Snowden we've increasingly realized that our own governments are the adversaries, but hopefully incidents like the DNC hack will shift the narrative from the terrorism bogeyman back to defense against black-hat hackers.

Those hats might be a dingy shade of gray, but I appreciate their shedding some light on our political process. The DNC is the adversary of decent citizens, in this case.
I assume the author also believes that war is peace, freedom is slavery, and ignorance is strength.
And I assume that you failed to read the article.
I'd honestly expect something this ridiculous and intellectually insulting to have been said by an NSA official during an interview.

There no possible political engagement at this point. Agencies of major governments can quite secretly and even illegally engage in mass surveillance, as they documentably have. They can even spy on each others' citizens. The only way you can force issues out into the open where they can be politically engaged is by making secret surveillance impossible.

"Make sure the other side has an easier way out than destroying you."

That only works when the other guy isn't already dedicated to destroying every vestige of your privacy.

> Kazakhstan announced that a "state root certificate" would have to be installed on all computers wanting to use SSL/TLS/HTTPS out of the country

Devils advocate: Practically every country (national telecom) has its own root certificate. Here is the list:

https://mozillacaprogram.secure.force.com/CA/IncludedCACerti...

When Czech goverment started digitalization, it was very user unfriendly to install Czech CA. I think Kazakhstan is just using force it has to speedup its own application.

I don't totally understand this view. Government doesn't have a right to ephemeral conversations that happen in physical space between two people. We aren't required to record them in case some law enforcement officer might request them.

Why is online discourse different? Just because the bits still exist in some sense, why does that mean they need to be accessible?

Government doesn't have a right to meticulous transcriptions of every verbal conversation you've ever had. But, it does have a right to do its utmost to figure out what was said. It has a right to search your file cabinet, or tap your phone, or tail you with a detective, with a warrant of course.
Does it though? A right? Like your right to freedom of thought? That's big! Would you think this if a judge hadn't ruled this way?

Because in our system it's not the judge who can make that call, it's you (theoretically a citizen) who grants the government the authority to take certain (constitutionally limited) actions as long as it serves the people.

If the government has a "right" to tap your phone they have the same right to plant a microphone on you, and at that, they do have a right to every verbal conversation you've had. Because they can get one from the other.

This argument is like saying that if you build a castle to protect yourself from the attacker, you are responsible for the enemy's construction of trebuchets that siege the castle. Yeah, the castle builders are at fault. Nevermind that they protect so many innocent with their work.

Of course we need political involvement, but we also need encryption everywhere, literally everywhere.

You should study the history of anti-ballistic-missile defense systems, and you will find that for the longest time nobody wanted them, because that would force the enemy to attack before they were completed.

Never build more formidable weapons or defenses than you are willing to lay your life down for.

You're describing a reluctant, cautious and rational adversary.

There never was any effective political opposition to "Star Wars" in the US.

This is a fringe opinion, but I personally wish the U.S. would make all forms of hacking and digital surveillance totally legal. Yes, legal, with no "I".

I think this would drastically change the technology landscape, putting more impetus on vendors to provide (and prove) protections such as encryption, and an impetus on users to select the vendors who are the best at doing so.

Hacking laws are a crutch that attempt to patch insecure systems with law enforcement. And they risk being interpreted incorrectly--see interpretation of CFAA in the Aaron Swartz case, where downloading files could have meant 35 years in prison.

I say let the CPUs interpret the bits, not the politicians. They cannot keep up with changes in technology, will make many wrong decisions, and are susceptible to corruption.

In a world where hacking is legal, encrypting everything would be the right thing to do. It would be the only way to stop the government from spying on us, and the only way for them to stop us from spying on them.

That would backfire very rapidly. We have trillions of dollars of infrastructure that would last 3 days against a single competent hacker. There was just an article recently on vulnerable hardcoded-password medical devices. Electrical grids and construction equipment aren't much better. People's webcams that they already own, phones that they already own, highly insecure software is pervasive in everyone's every day life. It's inescapable.

The pressure you are talking about would be too great. Things would collapse if it became legal to actively pursue hacking them.

So instead you want to wait until it gets worse? What's the end-game there? With bailing wire and plucky determination the FBI and NSA defend us, forever on guard against the one mistake that may bring it all crumbling down?

This "too big too risk" is precisely why we need this, and needed it twenty years ago. And we need it now, so that we aren't in a worse spot next year, etc.

To lessen the pain maybe for the first few years only "mostly harmless" hacks with full disclosure could be made fully legal. We could ramp up slowly.

Yes, math is not like gravity and can be overturned by legislation. Really now?
So what does he suggest? I think we are supposed to read between the lines, but I am not sure what that is yet.

Is it just pointing out an interesting contradiction and we should enhance and improve existing products, or there a message about moving back and reverting to using weak encryption like before or treating it like "munitions" for purposes of export control. So you you end up in prison just as long long for using OpenSSL as for reselling grenade launchers.

Yeah I can see how PR is on government side here -- "look terrorists use this and other horrible criminals, this needs to be stopped".

The answer usually is -- "Ah, but think of the human rights people from <insert far away country>" or make a reference to some generalized principle from the Constitution about freedom from search. Both of those lose in comparison to an image of scary guy with a bomb under their arm.

So the answer is to operate at the same level of PR. Bring in issues people can identify with: for companies and enterprises remind them of the Target credit card breach, about the Sony hack and how embarrassing that is. Or for private individuals talk about identity theft. Everyone has heard about that how disruptive and upsetting that is. "We need stronger encryption to protect you from criminals" kind of message.

(I am not the first one to think of this, I noticed Apple applied this in their response to FBI. I just thought it was a great approach).

> So what does he suggest? I think we are supposed to read between the lines, but I am not sure what that is yet.

I think the larger implication of the essay is to consider addressing privacy from a systemic/game theory perspective. The underlying threat isn't technological, but in the response to technological capabilities. Encryption is just another capability that provokes a response.

That's valid. I think they way it is presented it is easy to mis-read it. I kind of hinted at finding a better way to respond to the problem in the PR domain.

However,a technological solution can still help. For example, focusing on plausible deniability, traffic hiding, dead man switches and so on. Technology is just another approach and for some it might be easier to work with for some and easier to disseminate.

I agree that by pointing out how technology can potentially make the problem worse, the essay can easily be interpreted as a call to throw out the baby with the bathwater.

Perhaps that was the intended message, but I'd like to think it was deliberately provocative to stimulate the right kind of thinking.

Crypto is just bringing back real-life privacy options into digital space.

IRL, two people could go to some quiet place and have a private talk. If they feel suspicious, they might have checked the place for not being bugged (hard, but possible).

In the Internet, the default communication mode was public, which was exploited by NSA and other surveillance organizations. But now, thanks to usable crypto, two or more people can also have a private conversation, and if suspicious, they can check for not being MITMed (also hard, but possible).

Therefore, crypto brings nothing new to expectations of privacy, and the entire premise of this article is wrong.

Nice try, NSA.

Given the pitch in the article, I think they may be switching up for "Ministry of Truth".
I'm probably echoing others by saying this, but: I don't agree that there is even correlation between more encryption and less privacy. Even if we were not attempting to subvert injustices done to us by our own governments by providing technical solutions, I believe wholeheartedly that many governments would still be attempting to decrease our privacy in every possible way. They're using increased encryption use as a scapegoat, but they have never had a shortage of scapegoats. Not employing strong crypto wherever possible would be irresponsible for the future of our privacy. Likewise, not engaging in political activism to change laws that impact our privacy would also be irresponsible. We need to do both, whenever possible and necessary.
Typically (in the US) it's been the executive branch that has tried to subvert privacy (see COINTELPRO), and the judicial which has (sometimes) upheld it. However, because crypto would actively impede the ability of the judicial branch to use warrants, I imagine it would alienate our typical ally.
That might be true, and that's a conversation we should definitely have, as we decide how we will be governed in the future. But that alone does not mean less crypto is preferable.
<rant>

everything means everything. lately i am starting to become really mad at high schools and universities for teaching this "x implies y" mentality as a tool to look at real world phenomenas. thanks to this kind of "education" everyone constantly feels like s/he is discovering some Ultimate Truth™ and thus fails at accounting for a chaotic, ever changing world. "cause and effect" may exists but these pattern mostly happens on a scale for which human language is just too clumsy.

stop writing and discussing these articles. if you really got nothing better to do at any point in time, just stare out of the window for a while and relax a bit.

</rant>

>When Edward Snowden made it known to the world that pretty much all traffic on the Internet was collected and searched by the NSA, GCHQ (the UK Government Communications Headquarters) and various other countries' secret services as well, the IT and networking communities were furious and felt betrayed.

That's not how I remember it. Among those communities it was pretty well known that such surveillance was occurring. Knowing the scope of it caused a sense of obligation; that we should finally get around to adding some privacy protection to day to day internet traffic. Everyone knew that it was something that had to be done sooner or later.

I think the author is completely wrong on the premise that more encryption has meant less privacy. People are using more encryption because we already had no or little privacy. It hasn't gotten worse, it was already this bad.

He is right on one count though, this isn't a technical problem and it cannot be solved through a purely technical solution.

Mr. Camp has written about this topic before, see

More Encryption Is Not the Solution (2013) https://queue.acm.org/detail.cfm?id=2508864

http://www.techrepublic.com/blog/it-security/escaping-the-dr...

"The recent exposure of the dragnet-style surveillance of Internet traffic has provoked a number of responses that are variations of the general formula, ‘More encryption is the solution.' This is not the case. In fact, more encryption will probably only make the privacy crisis worse than it already is."

https://lists.w3.org/Archives/Public/ietf-http-wg/2013JulSep... Re: Mandatory encryption is theater

" Correct, but if you make encrypt mandatory, they will have to break _all_ encryption, that's what the law tells them to.

As long as encryption only affects a minority of traffic and they can easier go around (ie: FaceBook, Google etc. delivering the goods) they don't need to render _all_ encryption transparent. "