A debate on encryption has been warmed in the US that the government and representatives of push legislation for a "backdoor" in encrypted communications. As we mentioned in yesterday's blog, we are firmly opposed to backdoors, and we compiled against-arguments to the points raised by the government. But first, let's set the scene. Here is what the government - and the opposition - say
The government says
FBI Director "Encryption is not only a technical feature; . it is a marketing argument "
British Prime Minister: " There should be no "media" that
Economist "we can. not read. "" high-tech companies must be reconciled with the fact that any previous form of communication of the conversation to the letter on the phone was open to some form of listening: they can not claim their kingdom is so distinct and inviolate that can endanger the lives of others, especially as the number of people who need to be monitored is in the thousands. Fear must be on supervision and due process. . The monitoring of individuals must be approved by the independent judges, not politicians "
The opposition says:
US Senator Leahy: "Fifteen years later, the vast majority of security experts explained that the creation of a special access for law enforcement would still bring in cyberspace significant security vulnerabilities. - at a time when we need the strongest possible cybersecurity "
Pete Swire, a law professor, Georgia Tech: " it is more accurate to say that we are in a "golden age surveillance "for the application of the law to state that it is" Going Dark "
argument
in a recent study prevented the encryption wiretap law enforcement to obtain the plain text of communications in only four criminal wiretaps authorized 3554 in 2014. only 0.1%! The government says it is smoke, but where's the fire?
Here are some arguments for the backdoor encryption put forward by the government. We responded with arguments against each of these points
Argument # 1 : .. Backdoors are easy to create - we have not tried hard enough
FBI Director Comey echoed this point at a Senate hearing a few weeks ago when he said: "American ingenuity is great, so I do not really believe all these experts in science iT who say it is "too hard" to give the government access. I think they are not really trying "
Counter Argument :. Cryptography is hard enough without creating backdoors. In the past, multiple encryption vulnerabilities were exploited, including CRIME, BEAST, and heartbleed Logjam. Adding backdoors increases the level of difficulty in cryptography, leaving room for other vulnerabilities that can be exploited.
There are a few weeks, a group of eminent computer scientists in the world and security experts issued a report concluding that any special access for law enforcement would pose "serious security risks , jeopardizing innovation and raise difficult issues for human rights and international relations. "last month, nearly 150 security specialists, technology companies and other organizations have written to the President by . similar items
argument # 2: Everything is "going dark" - we can not access the data we need
against argument .: law enforcement in the golden age of surveillance has access to (1) location information, (2) information on contacts and friends (aka the social graph); and (3) a network of new databases. law enforcement has also always access to traditional investigative techniques such as interviews and plea negotiations. These existing techniques should simply be upgraded, rather than replaced, by the age of the gold watch
Argument # 3: .. We want to come through the "door entry "to the assignments
Counter: no, that's not true. The government still wants to go through the backdoor. The government has abused the third doctrine and prefer to get third-party information directly to users. Some examples of this include the system of NSA wiretaps and the DEA and FBI use of hindsight the evidence chain to "replace" the evidence they initially obtained from the NSA. Recently, there was even a decision in New York said that companies can not act on behalf of their clients to protect consumer data.
Fortunately, encryption increased adoption zero encryption of knowledge and from start to finish has allowed some service providers, such as Apple, to fight against this and say that they can not access data and it is necessary to talk to the end user. So the only reason the government wants to encryption backdoors because his favorite backdoor via third closes. As such, we need to encrypt more under the law of force coming through the front door
Argument # 4 : .. It is the fault of Snowden - he made everyone to encrypt
against argument: Encryption existed long before Snowden. During the American Revolution, Paul Revere encryption used when he said "if a floor, two if the sea" to warn the British attack. Technology companies, even before Snowden had many reasons to deploy encryption strong. the encryption both improves cybersecurity and strengthens the trust of customers. Thus, the continuous development of encryption should not be considered primarily as a short-term response to revelations of Snowden . encryption fueled the boom of the Internet by indicating in the 190s for a reason. It creates trust, which in turn creates trust communications and communications create trade. We must remember that encryption was originally created - Snowden before - because we did not trust malicious actors and people who attack our data were considered thieves and criminals Snowden did not cause everyone to be encrypted, just mistrust of governments previously. approved.
If backdoors are mandated, there will be considerable effects
If backdoors are mandate, the government will also be mandatory insecurity and sacrificing freedom in the process . There will be a negative effect on activity. It will cost jobs and threaten technological leadership positions in the US, while doing nothing to prevent bad actors to use strong encryption
What's worse, the United States will in the same way that countries with authoritarian governments. - Like Syria, Iran and China - which limit the use of secure technology via the network filtering, deep packet inspection and other technologies. Backdoors will impact our ability to lead in technology and in matters relating to human rights worldwide.
There is much discussion about backdoors used for security and access, but also backdoors are synonymous with "vulnerability" and "exploit." If they are mandated backdoors will be exploited by malicious actors. These groups are already trying to find and exploit unknown vulnerabilities - if they know there is a way, they will certainly find. A backdoor mandate is the equivalent of an invitation to exploitation.
Reframe the question
We must also think about how the encryption issue is framed. government access on behalf of the law enforcement sounds like a positive, but what is often left out of the argument is that encryption creates vulnerability and an opportunity to exploit.
So if no backdoors, so what should we do?
As said Snowden at SXSW this year, the encryption must be considered a critical infrastructure. We, as a country, we must invest in encryption and push for it in the technology community, especially
We should also ask ourselves this :. Are we supposed to provide the government with backdoors to our most personal data when they can not secure their own personnel files from being hacked?
0 Komentar