PDA

View Full Version : The Natural Outcome of the Encryption Wars in the U.S.




DamianTV
02-21-2016, 03:43 PM
https://danielmiessler.com/blog/the-natural-outcome-of-the-encryption-wars-in-the-u-s/?fb_ref=7cf4372140834817b2fc14bdd19e5cf3-Hackernews

(Begin Article quote)

We’re in a war of ideas regarding encryption. Specifically, it’s about whether having secure communication is a right of U.S. citizens, whether it’s primarily a tool of terrorists, and what its legal status should be.

Briefly, the positions look like this:


[ Pro-Encryption, Pro-Privacy ] Privacy is a right of free people, so we should be allowed to create and use systems that are both secure and resistant to being backdoored or “legitimately” broken into by governments in the name of security.
[ Pro-“Security”, Pro-LawEnforcement ] Terrorists use encrypted communications, and there will be times when we need access to encrypted data to save lives. Therefore, it’s the right thing to do to a) enable legitimate backdoors into systems that governments can use, or b) give governments specific tools to be able to bypass existing controls (when necessary)

This is all fine, but I think people are missing a natural progression that will happen if the government gets its way. It goes like this:


Government says it’s unpatriotic for U.S. companies to build secure communication systems that even they cannot defeat, because then it means they can’t help the government defeat them
Government passes laws saying it’s illegal to build such systems
U.S. consumers still want those systems
Foreign companies build secure communication systems that nobody has a backdoor into (not that company, and not any government)
U.S. consumers flock to that tool because it’s the only secure option, i.e. the government basically guarantees that U.S. citizens who care about privacy will need to use a non-US product, which puts U.S. companies at a massive competitive disadvantage
The U.S. government notices that they haven’t solved the problem with people (U.S. citizens or otherwise) using completely encrypted communications that they cannot intercept
Some terrorist gets arrested using the new, non-U.S. made encryption technology or product
The U.S. government makes it illegal for U.S. citizens to purchase or use any product that allows end-to-end encryption that cannot be bypassed by the U.S. government

Read that again.

Basically, once they head down this path, there is only one answer long-term: stop people in the U.S. from using secure communication.

Is that really where we’re heading? Is it right? Of course not. Is it possible? I hope not.

I don’t think people realize how much is balanced on this precedent-making case regarding the government having access to encrypted personal information.

------

(End of Partial Quote from article, I didnt quote it cuz of the lists)

If the above is correct, the long term consequence is that we end up with Zero Privacy and the Terrorists still win by using non U.S. encryption.