1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# Phillip Rogaway - The Moral Character of Cryptographic Work
:::: tags
- Cryptography
- Society
::::
An appeal to cryptographers to ponder on the [Russell-Einstein
manifesto], consider the moral implications of their work, take a step
back from "crypto-for-crypto", and focus on "crypto-for-privacy" (or,
to name the threat more explicitly, "anti-surveillance research").
Harps on FBI Director James Comey's "law-enforcement framing":
> 1. Privacy is *personal* good. It's about your desire to control
> personal information about you.
> 2. Security, on the other hand, is a *collective* good. It's about
> living in a safe and secure world.
> 3. Privacy and security are inherently in conflict. As you
> strengthen one, you weaken the other. We need to find the right
> *balance*.
> 4. Modern communications technology has destroyed the former
> balance. It's been a boon to privacy, and a blow to security.
> Encryption is especially threatening. Our laws just haven't kept
> up.
> 5. Because of this, *bad guys* may win. The bad guys are
> terrorists, murderers, child pornographers, drug traffickers, and
> money launderers. The technology that we good guys use - the bad
> guys use it too, to escape detection.
> 6. At this point, we run the risk of Going Dark. Warrants will be
> issued, but, due to encryption, they'll be meaningless. We're
> becoming a country of unopenable closets. Default encryption may
> make a good marketing pitch, but it's reckless design. It will
> lead us to a very dark place.
This framing is dismissed as "inconsistent with the history of
intelligence gathering, and with the NSA's own mission statement",
without further explanation.
I wish the author had spent some prose explaining how exactly this
framing is fallacious. There is a footnote providing some references,
but as far as I can tell these references mainly reinforce the point
that the NSA's surveillance methods are a threat to privacy; it is not
obvious how "the NSA overreaches" contradicts "it's harder to catch
bad guys once they get better crypto".
For what it's worth, I found that [Aaron Brantly's
article](#aaron-brantly---banning-encryption-to-stop-terrorists-a-worse-than-futile-exercise)
does a better job at showing the shortsightedness of this line of
reasoning, as does this footnote:
> When crypto is outlawed only outlaws will have crypto.
[Russell-Einstein manifesto]: https://en.wikipedia.org/wiki/Russell%E2%80%93Einstein_Manifesto
# Aaron Brantly - Banning Encryption to Stop Terrorists: A Worse than Futile Exercise
:::: tags
- Cryptography
- Society
::::
The debate can be phrased as follows:
> Is increasing security in one narrow area worth degrading it in
> every other?
Answering "yes" overlooks two things:
1. Weakening officially distributed encryption will not impact
terrorists, who will simply move to new, unregulated platforms.
2. Once they have done that, we end up in a situation where lawful
citizens are stuck with insecure communication channels, and
terrorists are the only ones benefiting from state-of-the-art
confidentiality/integrity/authenticity.
|
