SoylentNews is people

posted by on Wednesday January 25 2017, @11:22AM
from the ROT-13-is-too-secure dept.

Like other politicians and government officials, President Trump's nominee for the position of Attorney General, Jeff Sessions, wants to have it both ways when it comes to encryption:

At his confirmation hearing, Sessions was largely non-committal. But in his written responses to questions posed by Sen. Patrick Leahy, however, he took a much clearer position:

Question: Do you agree with NSA Director Rogers, Secretary of Defense Carter, and other national security experts that strong encryption helps protect this country from cyberattack and is beneficial to the American people's digital security?

Response: Encryption serves many valuable and important purposes. It is also critical, however, that national security and criminal investigators be able to overcome encryption, under lawful authority, when necessary to the furtherance of national-security and criminal investigations.

Despite Sessions' "on the one hand, on the other" phrasing, this answer is a clear endorsement of backdooring the security we all rely on. It's simply not feasible for encryption to serve what Sessions concedes are its "many valuable and important purposes" and still be "overcome" when the government wants access to plaintext. As we saw last year with Sens. Burr and Feinstein's draft Compliance with Court Orders Act, the only way to give the government this kind of access is to break the Internet and outlaw industry best practices, and even then it would only reach the minority of encryption products made in the USA.

Related: Presidential Candidates' Tech Stances: Not Great


  • (Score: 2) by meustrus (4961) on Thursday January 26 2017, @03:42PM (#458962)

    Now suppose that use of this scheme was mandated, enforced by a fine, with exemptions for encryption used for health records, sales transactions, and messages under attorney-client privilege. Messages and personal data are under the mandate, but personal encryption users would be subject to at most a fine for violating the mandate and not subject to criminal prosecution. Service providers offering encrypted storage or messaging, on the other hand, likely would not be able to risk the fine.

    That is indeed a middle ground. It's also completely unworkable because of whom it targets: service providers like Facebook or Apple. These service providers are the people with lobbying power. They don't want to succumb to this surveillance because of two reasons: 1) it incurs unnecessary expenses on their part (which is the same reason all industries resist regulation of any kind), and 2) it will make their users angry, possibly angry enough to leave the platform. And ultimately, while conservatives should be concerned about reason #1, security buffs are very concerned about #2.

    It comes down to the exact same problem as digital piracy. Right now Facebook is like Napster: operating outside the rules (in this case the unwritten rules or else they'd have met the same fate). When Napster was shut down, users who left the platform didn't stop pirating. They moved to a decentralized platform that was harder to crack down on. Similarly, if Facebook were required to build in backdoors, users would leave in favor of a decentralized platform. This would similarly make it harder to enforce the rules, and much like the difference between DRM-based legal stores and torrents, the legitimate customers would end up with a product that is inferior to what the terrorists get. And the terrorists still win.

    In short, if you make encryption illegal, then only terrorists will have encryption.

    Which is how we get to where we currently are: the NSA gets secret powers because if they got what they needed by law, everyone would know what they are doing and the bad actors would work to prevent it. The NSA probably doesn't want Facebook to have legally required backdoors because that would actually make their existing tools - which rely on people using Facebook without really thinking about their security - less effective.

    What the NSA should really want is specifically to target individual users, not services. The realistic fear is that terrorists will create a real encrypted platform outside of US control. They wouldn't even need to solve hard decentralization problems to keep the platform safe from air strikes; they could use the already-available decentralization solution that the Pirate Bay uses to avoid being shut down everywhere: keep lots of mirrors. Your "devil's advocate" scheme will do nothing to help combat this situation and may even help bring it about.

    --
    If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?