Banning encryption or making commonly-used encryption systems crippled might have some value in their book:
* You can still catch some criminals too dumb/lazy/small-time/poor to use better encryption.
* You can find evidence on people who didn't use better encryption because they didn't realize they were breaking the law.
* You can use hints/metadata found in unsecure channels (that you forced to be unsecure.)
* You can identify encrypted devices/communications as suspect (even more so than today) and investigate them especially.
* You can prosecute people just for using encryption and sleep fine at night because it means "they have something to hide", and are probably breaking the law in some other way.
These are compelling points for backdoors. A lot of low level crime could be eliminated if people's communications could be accessed at will by law enforcement. However, as Edward Snowden points out here [1], its not in society's best interests to eliminate all crime.
"A lot of low level crime could be eliminated if people's communications could be accessed at will by law enforcement"
Such as?
Keep in mind that eliminating low level crime is often very low priority for law enforcement: they only do this under pressure or when expecting some bonus for it.
There's a lot of crime that they could fight but virtually don't.
Also, most endemic low-level crime is best fought with policies and eliminating poverty, not by pinning petty criminals after the damage is already done.
It would be trivial to use GPS data from cell phones to issue automatic fines for speeding. Profitable too - such a project could certainly pay for itself.
ALPRs are so much better for that. You can't easily spoof the data and you can't pretend you're a good driver by slowing down just before a scanner. I keep wondering why they aren't deployed on every other road everywhere. It sounds like something that would quickly solve the problem of speeding (and related deaths).
How is speeding a problem that we should want to solve?
I mean, you implicitly acknowledged that speeding happens all the time. Yet we don't have a huge death rate from it. It's not a safety problem except in fairly rare situations, it seems to me. It's an administrative problem.
I'd go so far as to say that speed limits themselves are the problem. They're set too low to allow easy money from fines.
Because it does happen all the time, and it is one of the primary causes of road fatalities. And yes, we do have a huge death rate from it, which dwarfs things like drug or terrorism-related deaths.
People are irresponsible. Many drivers in particular think they're above-average and smarter than the people who designed the traffic signs. Treating speed limits as "just a suggestion" makes it more difficult for people with actual understanding of traffic patterns to design them to ensure optimal flow of cars. Most of the drivers I personally know are textbook cases of https://xkcd.com/277/ (though I do know a few responsible ones, and I respect them deeply for that).
Yup. You take two shots few kilometers apart and calculate the time it took the car to cross that distance. You can't cheat that easily; if you've crossed the distance faster than distance/maximum_legal_speed, you've been speeding, period. That's why many drivers hate them - because they work and can actually enforce some common sense from them.
We have a nice road with those in NL, it's 5 lanes (where before we had 2) per side, the speed? 100 Km/h. The old 2 laner had a maximum speed of 120 Km/h.
Goldmine for the government though, just about anybody that drives there the first time thinks they must be the only ones who don't realize that 100 Km/h is a bit slow for a road like that.
Well, if the limit is 100 km/h and people still drive 120 km/h, then it's only their fault that they get fined. Limits are limits, you are supposed to respect them.
The situation would be different if, for instance, those limits would be obscured or appeared suddenly, and you'd have police forces enforcing them there on purpose. I've heard of cases like that.
Did anyone actually ask the people who put the limits about their reasoning though? Maybe this is the value that came out of simulations. Maybe it's a part of an environmental strategy (going 120 km/h uses much more fuel than 100 km/h and thus leads to greater emissions). But maybe the simulations were wrong. I'm sure that there are proper channels one could use to dispute the limits. But just disregarding them because they 'look wrong' is pure hubris.
They look wrong because we have 130 Km/h on a very large chunk of that road and the last bit (the widest) then becomes 100. It basically suckers in everybody driving there the first time so it's not as if it is clear to most drivers what the limit there should be. Speed limits should make sense, not be arbitrary.
That they change them frequently doesn't help either.
Phones don't have to phone home with GPS data and they actually don't since it will ruin battery life even further.
Will also fine passengers which is hilarious.
Speeding is most often victimless crime so it's not obvious why it is absolute good for me, the citizen.
You'd have to legally mandate that people carry a phone at all times otherwise I'd just leave the phone at home and go speeding and/or cripple the GPS unit.
Hell if I where inclined I could feed the GPS unit false data showing I was doing 30 in a 30 to deliver food to a nursing home.
What about using your phone as a key? To turn on your car you have to put your phone into a deactivated mode (like a drive dashboard) that has significantly decreased functionality. I'd bet parents would be rather interested in this (and perhaps car companies).
>Speeding is most often victimless crime so it's not obvious why it is absolute good for me...
Not always. The stopping distance from 35 mph to 40 mph is a good bit. I haven't found any numbers on 35 mph, but it seems that 30 mph has a stopping distance of ~75 ft, while 40 mph is ~120 ft. If you're going 5 over in a 35 mph zone (which is normally a city) there is an increase in brake time that could potentially put someone at risk of being hit. Is it victimless if you put someone elses well being at risk by being hit by you? Because you wanted to get somewhere slightly faster?
I think I can put it more succintly: "Just because you call yourself a senator doesn't mean you're not a terrorist". After all, what is the abolition of privacy if not terrorism. You force a large population to follow your ideology by stripping them of their right to privacy and constantly hanging the threat of prison over them. This is precisely what "to terrorise" means.
| A lot of low level crime could be eliminated if people's communications could be accessed at will by law enforcement. |
Or by not having piddly bullshit actions be illegal in the first place... The only power a government actually has is to make criminals of its citizens.
..Which seems to be fairly on point with your link. Cheers.
The supreme court's definition of "arms" is not something that can be changed by passing a law. Just like you couldn't hack the second amendment by defining arms to be muskets.
I don't understand what you're saying. Did you miss the entire reference that XKCD strip was about? You do know that we had to fight to remove encryption as being classified as a weapon and instead protected as free speech, right?
And if they mandate escrow keys for communication, who's to say they won't push for the same thing for package signing keys? I'm sure the three letter agencies would love to be able to ship compromised binaries to their targets' computers.
They might actually do stuff like that, but that's just smoke and mirrors.
It is much easier to mandate a way to run code on modern systems, in the "SMM" style, upon seeing a cryptographic signature which the NSA holds the key across the memory bus. About 20 people in each of Intel, AMD, nVidia, Qualcomm, Apple need to know about it (well paid and NSLd to shut up; perhaps even NSA employees embedded in these companies and the companies themselves none the wiser), about 3000 transistors which would be lost in today's many-billion transistor CPUs. It doesn't have to be fast, and not even perfectly reliable - it just needs to work.
In fact, I'll be astonished if in the future it turns out that such a thing is not already implemented today. Do you really thing the NSA doesn't yet have a copy of Intel's microcode signing keys?
This is the war they'll surely lose, but in process they will destroy a lot of lives and careers, including their own. They might also weaken the position of their country in the world (as export restrictions on crypto surely did for the US) What makes them start it?
Shrugs, when the US Gov can keep it's highly sensitive OPM database from been stolen and can go breach-free for more than 15 minutes then I might believe they might be able to keep the third party keys secure.
However I still then don't think they should have the key anyway.
Putting the contents of the article aside - it's an important topic but most of us are on the same page: Given the Washington Post is owned by Nash Holdings LLC/Jeff Bezos, would it be fair to presume that Jeff realizes the success of Amazon's web services internationally is important and strong security plays a big part in whether the division will be supported by tech businesses internationally? Or do you think Jeff believes encryption is important on a moral basis?
Alternate but less interesting considerations: Jeff had nothing to do with the article or Jeff prefers the government stays out of his business.
Jeff Bezos undoubtedly had nothing to do with this op-ed. He's a busy guy with Amazon, and has made it clear that he will stay out of the editorial decision-making at the post.
In addition, the authors of this piece are not folks who Bezos could push around even if he wanted to. The only way they would write this piece is because they wanted to.
Politically, this piece is a big deal. These are "national security establishment" type folks, directly disagreeing with their successors in government today.
I agree with your assessment that this piece is a big deal, politically.
I disagree with your "undoubtedly". I think there's a fair to middling chance Bezos did some meddling in the editorial process - made a few phone calls, dropped some hints, bent the ears of an editor or two. Newspapers always protest that financial interests don't interfere with their reporting, but time and again, we find out otherwise.
If he's influencing things, let's hope he didn't influence their previous editorial board editorial on this, because it's downright naive and stupid. See link in my other comment in this thread.
That's it in a nutshell. The tools are out there. You can't put the genie back in the bottle.