Home / Blogs

Encryption = good : Backdoor = bad

Every time there is a tragic attack on people or property, there is a cry from various authorities or politicians for law enforcement to get unfettered access to all kinds of communication tools.

But that would cause far more harm than good, and is a really bad idea.

The argument goes something like this:

These bad actors hide behind encrypted communications to plan their evil deeds. Therefore to stop them, law enforcement needs to have access to all this. Therefore we need to have backdoors built into all encryption that law enforcement can use.

This is flawed in many ways.

There is no evidence that unfettered access to communications helps. Sometimes the information was actually available, but no one managed to put it together ahead of time to stop the evil deed.

There is no way that backdoors can be limited to use by law enforcement. They will inevitably be discovered by others and used for evil, thus rendering encryption and all the protection it provides useless.

Bad actors will stay a step ahead. If mainstream communications and encryption tools have backdoors, they will just create their own secure communications channels.

But don't just take my word for this. Read, for example, this article by security expert Brice Schneier entitled Why we Encrypt.

And this article by Cory Doctorow on how ridiculous British Prime Minister David Cameron's comments on the need to backdoor encryption are entitled, 'What David Cameron just proposed would endanger every Briton and destroy the IT industry'.

And this article by Mike Masnick of Techdirt entitled, 'The Paris Attacks Were An Intelligence Community Failure, Not An 'Encryption' Problem'.

Originally published on the Slaw and elegal blogs

By David Canton, Technology & Business Lawyer at Harrison Pensa LLP

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

They just don't ever learn. I've said By Lynda L. True  –  Dec 13, 2015 12:37 pm PDT

They just don't ever learn. I've said the same thing every time this moronic argument shows up, and I wish that the talking heads occupying the space that journalists used to be in would pay attention to this:

We[*] are NOT the only people who know how to write encryption. We never were. Back in the ITAR days, it was true. It still is. The intelligence community is lazy, and their arguments are shallow. I don't want to live in a cotton batting lined world. I surely don't want to live in one where I give up my privacy to provide the illusion of security to others.

[*] You may place any definition of "we" you like, from USA to Five Eyes, or any other.

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign

IP Addressing

Sponsored byIPv4.Global

New TLDs

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

Cybercrime

Sponsored byThreat Intelligence Platform

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias