Here we go again with Senator Ron Wyden claiming that "Congress" may do something even though it's only it's just him and possibly a handful of crypto warriors and Google water-carriers in Congress that are going to oppose the federal government's request not to create invincible encryption and enable criminals on cell phones and other communication devices.
Wyden always stumps for the copy-leftist and crypto-kid position -- anti-SOPA, anti-CISPA, anti- anything that curbs Internet lawlessness or attempts to make the Internet the same kind of highway under the rule of law as any real-life highway.
And so it's no surprise that he's picked up the sectarian view of the ACLU's Chris Soghoian, Trevor Trimm of the Foundation for Freedom of the Press and all the Snowdenistas that if the government has a "back door" into phones this will somehow mean the end of the world for freedom and privacy.
Let me point out that the very use of the term "back door" delegitimizes the act of government monitoring of communications -- which should not be delegitimized when it is lawful pursuit of criminal suspects.
The companies should provide "front doors," and their failure to do so is part of a general crypto-war hysteria which will lead us right here soon enough, and has already.
Why isn't reason being used on these hysterics?
Of course for as long as there has been telephones and other communication devices in America, the government "had a backdoor." The feds or police could get a warrant and put a wiretap on a phone. Nobody fretted about "back doors" and "criminals being able to do this, too." Of course there were taps without warrants too, and the case could be made for these in some instances.
Now, even with a warrant they will not be able to access suspects' phones because they have uncrackable locks on them to ensure privacy -- privacy that even trumps crime control.
The "back door" always is portrayed as something sinister, but the government's ability to wiretap phones is not sinister, it is lawful and moral in a country under the rule of law in order to fight crime and terrorism. The extremists are not conceding that; Wyden is leading the charge now.
This is worrisome, because by his own admission he led the one-man-band against SOPA, and merely because Google and related NGOs could stampede the tech media and the tech-savvy cool kids, Congress rolled over, fearful of appearing uneducated about technology.
There wasn't a case against SOPA, but it was hard to be heard over the noise of Google needing free, uploadable content always and everywhere to sell its ads with.
This case might be easier to make morally and legally but Congress better have its wits about it or Wyden will undemocratically win again.
His arguments are the ones that crypto guru Bruce Schneier and others have made for years using the open-source cult perspective of "privacy for me and not for thee." The crypto kids get to have maximum encryption to do whatever, including running anarchist movements to overthrow the government, aiding terrorists and thug governments such as Russia and Iran have. Meanwhile, free and liberal states like the US have to have maximum transparency under this coercive scenario, and if they don't provide it, Manning and Snowden will hack the hell out of them and provide the world's bad actors with classified documents. Nice work if you can get it -- and they do, easily, because of the Wikification of Everything.
Wyden cites the same bad argumentation the sectarians have for years -- and watch it go mainstream now that a mainstream paper like the Christian Science Monitor has picked it up. That notion is that "the bad guys" will be able to find and exploit these "back doors" so it is better not to have them at all.
Of course, this is specious and binary thinking. You can't design a system based only on the hypothetical that a bad guy might decrypt it. You don't say "the bad guys might rob houses so let's not have locked doors with keys." You design a system to deter and work as best as it can and be flexible about continually fending off the inevitable challenges of spoofs and hacks that every single digital thing on earth has to face. That is the nature of software and there is no pretending otherwise. What would you rather have, the unplanned hacking of the inevitable vulnerabilities in supposedly invincible software, or a planned program where tech companies and the government cooperate in chasing criminals?
There's an essential intellectual contradiction here. Cryptos can endlessly create "math" and generate random sequences of numbers to foil decrypters and make decryption even invincible. Yet those attempting to keep out hackers can't use the same math principles, somehow, to keep out hackers by devising ways to change the keys. That's not logical. The ISPs shouldn't have data in one box anyway that any hack would get at the entire identity and contents -- compartmentalizing, "hashing" and "salting" and such -- are the way these systems are set up or should be set up. Therefore this hypothetical of a "bad guy" getting at the same key that a law-enforcer is entrusted to by a tech company to tap communications is only a theory.
I think the problem we're seeing now is what happens with a lot of tech and Interpret propositions. A tiny sect of ideologues imposes a notion on the entire public by invoking "technology". Well, let's hear from technologists outside of the sect. Really, you're going to make a box nobody open, not even your own company? Even though in the past you ran systems that eliminated obvious things like child pornography in customer content? You're sure that's a good idea and you're sure that you can't figure out a way to have sequences of numbers integrate with a changing key? Why?
Like every other online system in the universe, the companies will have to use a combination of encruption, obfuscation, social engineering and reiteration to fight the constant challenges of hackers that are a built in problem of an Internet that Tim Berners-Lee and other technocommunists deliberately created as a copyable, permeable thing for "sharing" and "science," never imagining that ordinary people might need it for "making a living" and "keeping secure". That other Internet that serves people and not sharer scientists with collectivist ideologies still is being built but the 'net routes around, and it will route around its misguided pioneers as well, fortunately.
But meanwhile, Apple can't be allowed to build boxes the government can't pry open even with a warrant and this sect that Wyden champions has to be exposed as what they are: enablers of crime, and worse, enables of anarchy to change liberal democratic systems.
One solution is having two-factor cooperation which is "complicated to build." OK, but that's better than creating unopenable boxes that drug dealers, terrorists and child abusers can thrive in.
And there is another solution to the problem Wyden is creating which he will hate, too, but too bad -- bring back CISPA. Yes, the government and ISPs and tech companies can have organic cooperation in order to control the tech monster that the Internet has begun. Imagine that. Not ever transaction has to be the totalitarian oppression that geek hysterics like to pretend it is. Just as you could have perfectly well blocked pirate sites just the way you block malware sites, the government and tech companies can cooperate to stop piracy and stop terrorism while they're at it by opening up the boxes that need to be opened for this purpose when and as needed.
Wyden and whatever comrades he gins up for yet another run at law and order has to be confronted with the obvious points here: crime, terrorism, mayhem. Just what is the good senator's plan for enabling law-enforcement to catch criminals? How are they to do this without the ablility to get into phones with a warrant? They're supposed to be driven back into the last century and become mere gumshoes personally tailing people again? What is the plan?
In other words, Wyden's invocation of a worst-case hypotheses for the "back doors" has to be thrown right back at him as a real case, not a hypothetical -- the bad guys will use encryption for crime *as they already have done, numerous times*. This we've seen amply in the exploitation of Tor and Tails for Silk Road, the drug mart, for child predators, and for anarchists.
The CSM invokes the "sweeping surveillance programs that collected the communication records of tens of millions of Americans." But the CSM, like so many boosters of Snowden, have never come up with a single case where they could say any of those millions of Americans actually were harmed, had their privacy busted, or were wrongly tracked by the NSA, by having, say, a Taliban boyfriend - a legitimate reason for surveillance .
Why is the CSM opposing FB Director James Comey and NSA Chief Adm. Mike Rogers? And oppose them they do when they give Wyden a loudspeaker in an article like this featuring his argumentations prominently and not enough air time to others with very reasonable counter charges. Indeed, Wyden spoke at a breakfast the CSM sponsored.
The CSM reports:
In response, senior officials including FBI Director James Comey and NSA chief Adm. Mike Rogers have demanded a secure channel to access encrypted data – which they say is necessary for law enforcement and intelligence to track criminals and terrorists.
Does the CSM think this is NOT necessary, and could they care to prove that?
They don't. Instead, they have one of these meme-quotes from Wyden:
What takes my breath away,” Senator Wyden said at a breakfast hosted by The Christian Science Monitor on Friday, “is that these are some of the most cutting-edge companies in our country. They pay workers good wages. They’re doing important research. Their brand is on fire around the world. And the federal government is going to say, on the front pages of the paper, it’s going to require them to build weaknesses into their products?”
Um, no, Ron. They're not going to require them to "build weaknesses in their product" -- certainly a tendentious characterization of what is needed. They're going to ask them to open up on demand, which means having a process and a system through which the feds can jack in. They can do this on copper-wire phone lines of the old-fashioned type, and the modern equivalent must be created for modern cell phones. There is no logic except sectarian Internetism to explain why it should be otherwise.
Remember the little sticky with the smiley-face? No one at Google every validated that it was true that the NSA broke into their servers at all. A former Google employee claimed this; there was other talk. It wasn't the CEO or founders of Google; it was programmers who didn't speak formally for the company. If Google, to protect its brand, has now made a big theatrical show of crypting its cloud and so on in response to Snowden-induced phobia, understood, but then what is THEIR plan for a society that has to fight crime and terrorism? Will they be sponsoring it with their products?
Why is it that Google, essentially an ad company with a free search loss-leader, so determined to support Snowden? I think on the whole, it's just Internetism (which is like Islamism), where anything that gets in the way of these big Internet companies being the ones to scrape data instead of anyone else is simply to be hated.
I think this has to do with the more exotic issue of founder Sergei Brin espousing a kind of one-worldist utopian government -- or non-government -- idea that is common among Soviets/Russians/tech people, and that there should be "no parties" and "no religion, too" as the John Lennon song "Imagine" has it. Brin wants just online likes or algorithms to decide things not parties, elections, and voting. So anything that means a state -- like keeping secrets that Snowden hacked -- isn't really in Brin's vision. That's my understanding of it, and if you have a better one, let me know.
I think in keeping with the California Ideology and left-libertarian ethos, Google naturally falls into a place where it wants encryption for non-state actors particularly itself and no decryption for states.
The current Apple phone encryption and related crypto issues is the third wave in a long-standing crypto war. The first was over Clipper Chip, when the industry -- or really, a few extremists like Mitch Kapor and other comrades whip-sawed companies and the government on this -- refused to have a chip that would enable the government to access devices. So they didn't, the Internet emerged, and more and more crime spread online.
The second was over PGP which the government wanted to classify as a weapon -- a very good idea for something that claims invincible encryption meaning it can be used by bad actors. The government didn't want this exported -- yet its makers wanted to conquer more territory. Eventually, the government lost this round, freeing PGP up to go on causing mayhem unchallenged.
This can't be allowed to happen in round three.
The alternative is the crypto horror scenario actually predicted in the 1990s and which is already largely here.