Submitted via IRC for SoyCow1
Trump's Department of Justice is trying to get a do-over with its campaign to get backdoors onto iPhones and into secure messaging services. The policy rebrand even has its own made-up buzzword. They're calling it "responsible encryption."
After Deputy Attorney General Rod J. Rosenstein introduced the term in his speech to the U.S. Naval Academy, most everyone who read the transcript was doing spit-takes at their computer monitors. From hackers and infosec professionals to attorneys and tech journalists, "responsible encryption" sounded like a marketing plan to sell unsweetened sugar to diabetics.
Government officials -- not just in the U.S. but around the world -- have always been cranky that they can't access communications that use end-to-end encryption, whether that's Signal or the kind of encryption that protects an iPhone. The authorities are vexed, they say, because encryption without a backdoor impedes law-enforcement investigations, such as when terrorist acts occur.
[...] "Look, it's real simple. Encryption is good for our national security; it's good for our economy. We should be strengthening encryption, not weakening it. And it's technically impossible to have strong encryption with any kind of backdoor," said Rep. Will Hurd (R-Texas), when asked about Rosenstein's proposal for responsible encryption at The Atlantic's Cyber Frontier event in Washington, D.C.
Source: Great, now there's 'responsible encryption'
(Score: 3, Insightful) by Anonymous Coward on Monday October 30 2017, @10:26AM (4 children)
'Responsible encryption' is no more responsible than 'intelligent design' is intelligent.
(Score: 3, Informative) by c0lo on Monday October 30 2017, @11:51AM (3 children)
'Responsible encryption' is like 'responsible rape'.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Touché) by Anonymous Coward on Monday October 30 2017, @01:35PM
Responsible encryption enables nonconsensual decryption.
(Score: 0) by Anonymous Coward on Monday October 30 2017, @03:36PM (1 child)
Actually, it's a lot like "responsible disclosure" - the idea that when you find a security hole that could cause untold lost data for millions of people, you should give the marketing department three to six months to do damage control before telling those affected that they are at risk.
Both are based on the idea that the bad guys will never know what the good guys know, and that the people who do get the information are by definition the good guys, and both are in reality only an advantage to the bad guys.
(Score: 3, Insightful) by DannyB on Monday October 30 2017, @04:08PM
Responsible Disclosure means that you contact the party with the vulnerable system. In the current environment, describing to a big corporation how their vulnerable system can be trivially exploited is likely to get you arrested or worse.
It seems a lot safer to anonymously leak the information in a way that gets widest possible exposure.
If the big corporations don't like it, they brought it on themselves by their past behavior towards people who tried to responsibly disclose. Sort of like how advertisers created the necessity of ad blockers by their own unrestrained out of control behavior.
Satin worshipers are obsessed with high thread counts because they have so many daemons.