Do not let the government snoops weaken encryption

“The bill unveiled by the UK on Wednesday does not ban companies from offering strong encryption, although they must be ‘reasonable’ in handing over data,” John Gapper writes for The Financial Times. “These governments seem to have realised the danger of making a category error about encryption — mistaking companies for mathematics. Even if they stopped Apple and others from deploying end-to-end encryption (when a user’s phone or computer holds the keys to decrypting its messages), it would not prevent a terrorist or anyone else from using the technology — the algorithm is out there.”

“Citizens and consumers also have good reason to seek out encryption that works, that prevents any disaffected teenager who feels like causing trouble — or Chinese or North Korean hacker with serious intent — from intercepting messages and stealing our credit card details. The internet’s overarching privacy problem is not that there is too much security, but too little,” Gapper writes. “So the UK government rightly concluded that trying to eliminate strong encryption by law is more trouble than it is worth.”

Gapper writes, “In practice, the technology is probably less ‘unbreakable’ than GCHQ and the NSA publicly assert — they have cracked hard problems before and the NSA is said to be working on a quantum computer that would do so.”

Read more in the full article here.

MacDailyNews Take: The reason for mass encryption is the misuse of mass surveillance.

As we’ve stated many times: Because the U.S. government spooks trampled all over the U.S. Constitution, constantly demanding that Apple grant access to customers devices, Apple decided to remove themselves for the equation. And so, the government reaps what it hath sown. We guess law enforcement will have to get off their asses and do some old-fashioned leg work if they want to crack cases.

And, as we just wrote yesterday, when this UK bill was being reported as looking to ban strong encryption: Backdoors = insecurity. Wherever backdoors exist, it’s not only “authorities” exploiting them legally. Only a blooming idiot would believe in a “secure backdoor” accessible only by properly authorized “authorities.”

“Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.” – Benjamin Franklin, Historical Review of Pennsylvania, 1759

SEE ALSO:
UK Prime Minister Cameron backs law to make Apple’s iPhone encryption illegal – November 3, 2015
U.S. NSA seeks to build quantum computer to crack most types of encryption – January 3, 2014
Government pressure for Apple to bypass encryption reduced as iPhone owner enters guilty plea – October 31, 2015
Judge compares government request for Apple to access users’ iPhone data to execution order – October 27, 2015
U.S. judge expresses doubts over forcing Apple to unlock iPhone – October 26, 2015
US DOJ claims Apple lacks legal standing to refuse iPhone unlock order – October 23, 2015
Apple tells U.S. judge it can’t unlock iPhones running iOS 8 or higher – October 20, 2015
a href=”http://macdailynews.com/2015/10/20/apple-ceo-cook-defends-encryption-opposes-back-door-for-government-spies/”>Apple CEO Cook defends encryption, opposes back door for government spies – October 20, 2015
With Apple court order, activist federal judge seeks to fuel debate about data encryption – October 12, 2015
Judge declines to order Apple to disable security on device seized by U.S. government – October 10, 2015
Apple refused to give iMessages to the U.S. government – September 8, 2015
Obama administration war against Apple just got uglier – July 31, 2015
Edward Snowden: Apple is a privacy pioneer – June 5, 2015
U.S. Senate blocks measures to extend so-called Patriot Act; NSA’s bulk collection of phone records in jeopardy – May 23, 2015
Rand Paul commandeers U.S. Senate to protest so-called Patriot Act, government intrusion on Americans’ privacy – May 20, 2015
Apple, others urge Obama to reject any proposal for smartphone backdoors – May 19, 2015
U.S. appeals court rules NSA bulk collection of phone data illegal – May 7, 2015
In open letter to Obama, Apple, Google, others urge Patriot Act not be renewed – March 26, 2015
Apple’s iOS encryption has ‘petrified’ the U.S. administration, governments around the world – March 19, 2015

20 Comments

  1. This particular bit of idiocy is gone, but the issue still remains. Encryption is a win for privacy advocates, but it is also a win for criminals. The two assertions are not mutually exclusive.

    You don’t have to wear a tin hat to be worried about the public backlash if there is a significant uptick in the number of victims of crime who could have been saved if the police could still use the search and seizure provisions of the Fourth Amendment. The last big attack brought us the Patriot Act and a lot of communal tensions. What might the next do?

    If that worries you, consider that the next attack becomes more likely when the bad guys can freely communicate without any worries. If there were a proper technological fix for that, it would be a literal lifesaver. Since there isn’t, we are probably better off without unlimited hacker access than with the alternative. The public may not agree, though.

        1. What a disgusting comment. Yes, 3000 people died, but that’s because Benjamin Franklin’s prediction came true already. You are such a lowlife for trying drag 9/11 victims into the encryption debate to try and ‘win’ the argument that I’m only sorry you weren’t victim 3001.

          Shame on you, freedom hater.

    1. As ever: We The People win in the USA. We never compromise our rights because of criminals and the authorities that work to bring them down.

      As soon as our Constitutional rights are taken away, THE CROOKS AND TERRORISTS WIN.

      This is so DUH. I’m sick of the maniacal wannabe totalitarians pretending they have a toe to stand on. THEY are also the crooks. Seriously.

    2. Premature celebration!

      Government spokesmen have been carpeting the media all day saying that the bill does not try to limit end-to-end encryption or even strong encryption on a digital device. The bankers told the Tories that weakening the encryption on financial transactions would make the global economy completely hackable. Money talks, not just terrorists.

      However, the Government are doing their best to obfuscate the fact that the bill _still_ requires the sellers of computers, cellphones, and other digital devices to provide access to the police and security services on presentation of proper authority. There is no need for a ban on “end-to-end” strong encryption in transit, because the government will be able to read the data at either end.

      There’s no way to do that without some sort of back door. The bill doesn’t necessarily require remote access (hard to tell), but if a legally-sold device comes into the physical possession of the police, they can compel the seller to crack it or else. Every fool (which includes the PM) knows that any unlockable door can be exploited to bad ends. Although King Alfred demonstrated that his sovereignty did not extend to the tides, Queen Elizabeth’s Government are trying to defeat the laws of mathematics. The algorithms for strong encryption are out there, and the Bad Guys will use them whether Her Majesty’s Ministers bless it or not. This just makes Good Guys less secure.

      As the Government spokesmen have actually pointed out, this won’t affect the business model of sellers who are already collecting data from their users. Google and Facebook can probably comply simply by turning over the information they have anyway. So this bill is, in practice, aimed directly at Apple and other firms that have built their business model around NOT collecting user data. Apple even has that incorporated into their hardware (there is no way to track Apple Pay transactions or user fingerprints because of the secure enclave in the processor; it’s not just software magic).

      By the way, I’m interested in the 9 1-star votes. Can anybody demonstrate that strong encryption has not been a boon to criminals? I agree—and have quite clearly said I agree—that the proposed cure is worse than the disease, but that isn’t a reason to pretend that the disease doesn’t exist. I value my personal liberty as much as any of you, but I’m guessing that Joe Sixpack is more interested in keeping his family safe than in preserving even his own privacy, much less mine.

  2. Apple should offer a user selectable encryption thing that takes them off the hook and does what it does protecting consumers already, only under user control. There’s no way any company should be held responsible for de-encrypting their devices if the user has selected their own encryption. I would think anyway…

  3. Next year is an election year in the United States. Most of us will be able to vote twice: once in the Primary season within a party and once in November. Who you elect matters greatly – especially regarding privacy and the open internet.

    Ask any candidate you are considering how they would handle Ed Snowden and that will tell you a lot about their views regarding privacy and the Internet. He is a whistleblower and did not flee to Russia- he was trapped there in transit when the US State Department revoked his passport. Any politician who tells you he ran to Russia is an idiot, willfully ignorant or just an outright liar.

    Further, he turned the data over to 3 people- all American journalists- and no other person or government. He only went whistleblower after being blown off by Congressman, a Senators and Supervisors of Booz and the NSA. That information has been carefully handled despite the disinformation pushed by Obama,
    many of both parties in Congress and mouthpieces for the contractors that do most of our government’s spying.

    To my knowledge, only Bernie Sanders supports the view that he is a whistleblower- all the rest would like him disappeared incommunicado for most if not the rest of his life.

    Vote carefully, my friends.

          1. DavGreg, your true colours show through. Bernie Sanders is a commie who would do you in at the first opportunity. Think Bernie, think Mao, think Lenin and Stalin, think Bernie Sanders sanding off your tongue because you won’t talk.

            What a low-life scum you are DavGreg to try and foist a commie on the American people. A shame you weren’t victim 3002 on 9/11 to save us from your slime along with encryption and freedom hating Tflint above.

            My God, what are some people so stupid and blind? God gave us free will, all these stupid morons do not use it, but just fall behind the party line, be it commiecrat, friggin’ Microsoft crap and God know what else. MS-friggiNBC.

  4. There seems to be some confusion.

    There are two modes of encryption:
    1) Encryption of communications between parties (end-to-end)
    2) Encryption of stored information on the device

    The law would make it illegal to have hard encryption of stored information. I.e. Apple would have to have a back door for governments to access to whatever was on your phone.

  5. Maybe a different way to look at this is necessary. A model where High encryption is only usable within ‘regions’ similar to Region Coding of DVDs. If you are ‘out’ of the region specified for your device your data transmissions are unencrypted. Encryption schemes across ‘borders’ are made incompatible restricting ‘secure’ use between non-similar regional devices. If criminal elements use such devices they will be forced to ‘localize’ crime planning.

    1. We’re suffering right now from past use of the philosophy you describe Xennex1170. The NSA, Congress… made it illegal to export ‘munitions’ grade encryption outside of the USA. Therefore, the world default became a lame, crackable version of RSA encryption. That crap encryption is now throughout the world, including the USA, waiting to be cracked, identities stolen. And of course, that’s exactly what we’re seeing happening right now.

      Here’s the story:

      https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States

      1. Unlike the ‘weakend’ encryption exported outside the U.S. like the article refers to, I was suggesting strong encryption everywhere but active only on communications within the devices ‘authorized’ region and as long as the device is working in that region. If used outside or information is transmitted outside encryption would be removed. The intent of my idea is to allow information capture at the border between regions but never within the devices’ designated region. Thus each country is protected and criminal activity if to remain secure must remain within ‘localized’ regions. I am suggesting no cracking at all, simply no Encryption if your device or transmissions leave your ‘region’.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.