"Demands by US and British security agencies for access to encrypted communication data have been dealt a serious blow in a report by an influential group of cryptographers and computer scientists who dismiss the move as unprincipled and unworkable." Guardian reading here
PDF of report is here: http://dspace.mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf?sequence=1
Not only are the requirements coming out of the politicians' mouths not clear (as it says in the report), it seems to me that technologists and developers have a natural ethical duty to at least "do no harm" (or Google's original do no evil), where that harm is foreseeable - which it is in weakening encryption systems. Some of what is being asked for (and acted upon by people working in the security services and some notorious private companies) is getting very close if not well over the boundaries of what is ethical/constitutional and into the territory of obviously immoral and illegal. No way am I cooperating in developing any system with the kinds of backdoors that are being asked for. Nor, as a user, will I use products and services that have those backdoors in them.
NSA Spying may cost US Companies over 35bn
I am convinced they have been deliberately weakening encryption systems and protocols for years, not just the tech giants but also the government agencies we trusted to develop and implement them such as NIST and IETF. I am convinced the now well-known exploits were deliberately designed into SSL and TLS but no one noticed them for years because everyone trusted them.
The thing that really concerns me here is that we are getting played. I don't think there was ever a realistic chance of getting encryption backdoors through the US Congress. However, they don't need to. It looks like the Snoopers Charter will pass parliament in the UK. The problem is that any change forced in the UK would need to be applied globally. A separate encryption key provided to the UK government could easily be shared with 5 eyes nations while any removal of end-to-end encryption would benefit all governments.
Michael Chertoff Speaks Out Against Backdoors https://www.schneier.com/blog/archives/2015/07/michael_chertof_3.html
Exactly. Like the gun argument always goes. If you outlaw something the outlaws are still going to have it, while the law abiding won't. Same with closed "non-backdoor" software. That article was a nice read.
Agree, good read. My feeling is that this is not a lot about outlaws in the first place, they are the perpetual bogeymen - it's much more about centralising power and control in the "legitimate" law-abiding governments we have, and simultaneously reducing the power of citizens. Reading Machiavelli is fairly instructive on this front; what's more, that's explicitly what policy advisers to some governments do (e.g. Blair's government).
Again, much like the gun-control argument! Governments will get away with doing anything and everything so long as they keep flying the "for safety...for security...for the economy" banner and "what can government give me?" plebeians keep going along with it. Government, if anything, should inspire the best in its people rather than play on the worst.