SoylentNews is people
SoylentNews
Like other politicians and government officials, President Trump's nominee for the position of Attorney General, Jeff Sessions, wants to have it both ways when it comes to encryption:
At his confirmation hearing, Sessions was largely non-committal. But in his written responses to questions posed by Sen. Patrick Leahy, however, he took a much clearer position:
Question: Do you agree with NSA Director Rogers, Secretary of Defense Carter, and other national security experts that strong encryption helps protect this country from cyberattack and is beneficial to the American people's' digital security?
Response: Encryption serves many valuable and important purposes. It is also critical, however, that national security and criminal investigators be able to overcome encryption, under lawful authority, when necessary to the furtherance of national-security and criminal investigations.
Despite Sessions' "on the one hand, on the other" phrasing, this answer is a clear endorsement of backdooring the security we all rely on. It's simply not feasible for encryption to serve what Sessions concedes are its "many valuable and important purposes" and still be "overcome" when the government wants access to plaintext. As we saw last year with Sens. Burr and Feinstein's draft Compliance with Court Orders Act, the only way to give the government this kind of access is to break the Internet and outlaw industry best practices, and even then it would only reach the minority of encryption products made in the USA.
Related: Presidential Candidates' Tech Stances: Not Great
(Score: 4, Insightful) by mendax on Wednesday January 25 2017, @07:31PM
This is what idiots like Jeff Sessions and his ilk do not understand: You can have strong encryption without backdoors or you can have NO encryption. There can be no in between. There can be no half measures. With regard to strong, nearly unbreakable encryption, the cat is out of the bag and no amount of regulation will put it back. Law enforcement is going to have to accept this fact. If backdoors are mandated, there will be some entrepreneur outside the United States who will provide the means for encryption without a backdoor. And, of course, everyone here knows that a backdoor is just an invitation for the black hats to break in and steal personal information.
I'm sure that government would like to opt for NO encryption, but that is impossible because it is a vital part of the American economic system now. E-commerce and banking is impossible without strong encryption.
There is also another argument against backdoors. At one time there was a proposal that in order to use strong encryption one had to register one's private key with the federal government. That's all well and good except that because the cat is out of the bag regarding public key encryption, such a regulation will mean that only the bad guys will have unmonitored communications.
In short, backdoors simply will not work and it's about time these idiots figure this out.
It's really quite a simple choice: Life, Death, or Los Angeles.