Computer scientists on the excruciating stupidity of banning crypto


#1

[Read the post]


#2

Key under the doormat is a good analogy.


#3

When the Thompson submachine gun came out it was advertised as giving the advantage to the police because criminals would not be able to get hold of it. Of course the old pray and spray rapidly became the choice of mobsters.
Once the ultra-secret decryption keys to the unhackable software have appeared on the dark net websites, it’s game over for everybody.


#4

The complexity of today’s Internet environment… means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws.

That’s okay. Criminals would never be able to take advantage of something like that. Neither would the Chinese, or the Russians, or Israel, or Iran…


#5

Great. Computer Scientists will be the latest scientists to be attacked by the GOP now. Go stand over there by the climate scientists and the biologists.


#6

Law enforcement agencies tend to be run by bureaucrats and political appointees. Both types feel threatened by experts, and the extreme right has no use for science or experts of any sort. It’s a match made in heaven.


#7

“You’ll find Prof. Nutt over there with the, erm, refreshments…”


#8

I look forward to banking without any digital communications whatsoever!


#9

But that’s an invulnerable security system, no?


#10

To say nothing of the criminals in law enforcement…


#11

Thank goodness we have a Democrat in the White House then. One who promised to protect our privacy.


#12

I’m not sure how parallel the situations are, but I’m reminded of logjam, where deliberately weak export-grade encryption ended up compromising security for a large number of users twenty years after its introduction.


#13

One item that is needed - and there are several ‘nearly there’ packages, apps, etc. - is easy to deploy and use, easy to understand, open source, freely available, strong, peer-reviewed provably strong crypto and devices that are open for it (i.e. upon which it can run and act), preferably most or all devices that store our communications and data.

You want my data, you must have my permission to decrypt it.

Sure, criminals will use it. But criminals already use crypto. What about an escrow system or a warrant court system? Well, that’s working out so well with the FISA Court and its siblings around the globe.

Here’s a real world example:

Guy who works for me, who I’ll call Mike, calls me just before U.S. Fathers’ Day. Says he’s got to take care of some family business and is headed to the city where his parents live and needs to be there a couple of days. Okay, he’s a great guy with a stellar work ethic and I respect him in every way. So, I’m concerned that this must be serious. I ask if there is anything he needs. He breaks down. He tells me to be careful and to tell all our company and our families to be careful…

His father called him late at night to ask for help. He made his son promise not get get mad and not to punish his grandson, Mike’s son, Jimmy, when this is all over. Mike promises and asks, “Okay, what’s going on, Dad”?

Dad says, “I’m just trying to get Jimmy home for Fathers’ Day.”

Mike says, “What are you talking about? Jimmy is home, he’s sleeping in his room down the hall.”

Dad mutters and stutters and asks to speak to Jimmy, won’t believe it.

Dad/grandpa and Mom/grandma have been taken for over $1M U.S., their entire retirement savings and the proceeds from a new mortgage on their house which they paid off when Dad retired, by a Mexican Prisoner scam.

The scammers claimed Jimmy was in Mexico partying with friends and was arrested… Pay us money and we can get him out and keep this off his record. Jimmy is also in the ROTC and plans a military career like his father and grandfather.

Long story, short sad end: Dad/Grandpa’s cell phone and laptop were compromised through a backdoor in a widely promoted “security” suite along with all the family, personal and financial detail needed to make the scam seem all too real to this man who retired as a Marine Colonel, then had a long second career as an attorney, tax accountant, prosecutor and finally a financial and investment advisor. Not someone easily fooled.

Strong security and crypto for his data could have helped, if it was easy to use, if it was the default, instead of a difficult to find and use option that, “I don’t need if I have nothing to hide.”

Now the retired grandfather is going back to work.

It sounds like some neat urban legend. It ain’t. It’s real people, the real fine details are for gorrier than I can portray here and their story is not unique. Their very real lives in a gigantic mess with wrecked credit, depending on their children, that they’re fortunate enough to be able to recover from in most ways with some effort and a much altered picture of their “golden years.”

Aside from all the other social and security issues their story raises, this is a glimpse of one scenario and one dimension of what will happen if crypto is weaponized and regulated in this way.


#14

Wow- really? I did not know that about the Thompson. Cool.

Even more proof that as long as there’s a way for something to go wrong- it eventually will.


#15

That is extremely sad.

He has a good point- there are plenty of people that don’t buy into this bullshit “I have nothing to hide” arguement, and would use crypto if they knew how.

Case in point- me. I have enough passing knowledge about crypto and what it is, and why it’s needed from reading slashdot and bruce schneier for years, but I don’t know anyone that can simply sit down with me, and show me how to use it. And I would if I could, but some things really only get through to me when someone physically shows me how it works.

I don’t do anything wrong, I’m not hiding a secret criminal life, I just don’t feel like letting the NSA watch me at will, and leave my data unguarded for people like that to use against me. Crypto is needed, but even using the term “strong crypto” makes it seem to a layman who knows nothing that having it must be like having armour piercing bullets- just the terminology like that I think scares the general public into thinking it’s somehow bad, or something only the government should have.

Here’s the only arguement anyone who believes the US government needs to hear to get it:

You have a group of people who amassed an enomormous database with the personal data of every government employee for the last 30 or so years- and then, because they didn’t care about those people’s data, or because they didn’t understand encryption, or because they were just technologically inept, they allowed that information to be compromised completely. Something that could have been thwarted by good crypto.

Now those same people are screaming something that would have covered their asses if they knew how to use it is “bad” and should be fundamentally flawed, so they can get access the same way the people who hacked them did because of nebulous “terrorists” concerns.

These are the same people who are also spying on your phone calls and internet use. They don’t seem to think you have anything to hide, and they were apparently not concerned with protecting the information of the very people that work for them. They fail to understand that if they can get access, anyone can- and that much easier.

Would you feel safe with people like that deciding international security protocols? I sure as hell wouldn’t!


#16

Beyond these and other technical vulnerabilities, the prospect of globally deployed exceptional access systems raises difficult problems about how such an environment would be governed and how to ensure that such systems would respect human rights and the rule of law.

What’s all this ‘governance’ and ‘rule of law’ and ‘respect human rights’ business, Poindexter? The whole point of banning strong crypto[1] is to make it easier for ungoverned TLAs to evade the rule of law and ignore those pesky human rights.

[1] and @Joe makes a good point about ‘strong crypto’. But there’s an even better one. Strong vs. weak crypto is the wrong framing. There’s crypto that works, and crypto that doesn’t. What works depends on the context, but deliberately crippling all of it just ensures that all crypto is crypto that doesn’t work.


#17

I’d be in favor of renaming “weak crypto” to “obfuscation”. It can be good enough for a limited range of uses, but real crypto it is not.


#18


#19

That reminds me of those Munitions t-shirts.

Which led me to thoughts of modernizing them using QR-codes, to be machine-readable.

Which led me to writing a generator of DXF files for laser-cutting masks for spray-painting QR-codes, for e.g. making such shirts or spreading links (or small generic blobs of binary or textual data) by stenciling them on surfaces.

Which led me to discovery that some (but not all) QR-code readers get confused by the thin strips of white that are inevitable to separate the pixels to hold the mask together. (And that if the stenciling was not perfect and the pixels got smeared and the lines obscured, it often worked better.)

Which led me to adjusting the code for working with generic pixel art.


#20

The “Grand Experiment” is over. “Good Bye America” we loved you.