Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Encryption Privacy Security Your Rights Online

Without Encryption, Everything Stops, Says Snowden (thehill.com) 144

An anonymous reader writes about Snowden's appearance on a debate with CNN's Fareed Zakaria: Edward Snowden defended the importance of encryption, calling it the "backbone of computer security." He said, "Encryption saves lives. Encryption protects property. Without it, our economy stops. Our government stops. Everything stops. Our intelligence agencies say computer security is a bigger problem than terrorism, than crime, than anything else," he noted. "[...] Lawful access to any device or communication cannot be provided to anybody without fatally compromising the security of everybody."
This discussion has been archived. No new comments can be posted.

Without Encryption, Everything Stops, Says Snowden

Comments Filter:
  • by npslider ( 4555045 ) on Monday May 02, 2016 @03:17PM (#52030467)

    Freedom means the right to privacy. Solid encryption offers that privacy. It also gives criminals a way to hide their data from law enforcement. Long before the digital age, that has been going on in dark alleys and secret underground bunkers.

    The government sees a way to gain unprecedented power and will stop at nothing to get it.

    I find the trade off acceptable. I'd rather see a few more terrorists escape, than face a government that labels all who choose to encrypt a potential criminal, or worse.

    • by account_deleted ( 4530225 ) on Monday May 02, 2016 @03:42PM (#52030691)
      Comment removed based on user account deletion
    • by tlhIngan ( 30335 )

      Freedom means the right to privacy. Solid encryption offers that privacy. It also gives criminals a way to hide their data from law enforcement. Long before the digital age, that has been going on in dark alleys and secret underground bunkers.

      The government sees a way to gain unprecedented power and will stop at nothing to get it.

      I find the trade off acceptable. I'd rather see a few more terrorists escape, than face a government that labels all who choose to encrypt a potential criminal, or worse.

      Freedom al

      • I'm sure it's a lot easier and quicker to click "Add to Cart" than it is to call up a merchant and order stuff by phone.

        Unless you are using a secure phone, it's far more dangerous to give out your credit card information on the phone than over a secure web session. Odd, I remember when people did not trust using their card number online, but had no issues with the telephone. Funny how we see things differently over time. I don't think twice when I hit the "submit order" button, but always feel like I have to whisper my card number over the phone.

        But without encryption, I just may feel safer on the phone... or I may just tea

        • Really? the landline phone was more secure than the web. Going back a few decades, the only way you'd be able to snoop a phone conversation was to be a party to the conversation, work for the company (ie quality control supervisor), work for the phone company, or be hiding by the green tree and randomly changing phone pairs till you find an active line to a shopping network AND waste the time during the shopping and payment process. Rinse, repeat, you might get 3-10 cards for 8 hours of snooping.

          Compared

      • Freedom also means eternal vigilance. There are people who are jealous of people who have freedom and will do anything in their power to destroy it. (We normally call these people "terrorists").

        Having freedom means we don't try to oppress our freedoms to get rid of these bad people, but we live with them - it's the price of living in a free world.

        I don't think terrorism is caused by people being jealous of others freedoms. I think it is caused by economic disenfranchisement combined with fundamentalist religion. Heck, historically you didn't even need the religion. I know George Bush said they hate us for our freedom. But that was just propaganda designed to puff up our sense of self-worth so we say, "Don't hate me because I'm beautiful."

  • by gurps_npc ( 621217 )

    No one (to my knowledge) really, truly objects to 'encryption'.

    But a lot of governments object to encryption that they don't personally have a master key for.

    The things he talks about can mostly be done even if the government has a master key.

    The war is not between encryption and no encryption, it is between a government master key and no government master key.

    Now, I totally hate the idea of a master key for most thing. (I can see it for special cases, mainly around money - I want the government to be able

    • by Anonymous Coward

      The government having a master key means you are not using encryption, but a limited and known-to-be-insecure and thus arguably-not-encryption-at-all subset of possible encryption algorithms.

      • by KGIII ( 973947 )

        Well, it's still encrypted - it's just very poorly encrypted and not really going to be effective for very long. Then the "bad guys" will only need to have one key. That doesn't make it not encrypted. Just like locking your suitcase with a TSA approved lock still means it's locked. It's just locked with a very weak lock that's trivial to open.

        There's no magical definition for encryption that says it has to be good for it to be eligible to use the word. Not at all. Hell, we've even got phrases for varied typ

    • In a digital world, giving the government "the master key to encryption" is slightly more dangerous than broadcasting to the world, your street address, where the key to the front door is and where all the valuables are, and when you will not be home.

      The master key is just another word for "blank permission slip" to look at anyone's data for any reason that any secret court rubber stamps an approval on.

      • And as encryption is often used for verification purposes, a master key would also give the ability to modify information. That's something I'd rather not want.

    • by CrimsonAvenger ( 580665 ) on Monday May 02, 2016 @03:26PM (#52030551)

      The things he talks about can mostly be done even if the government has a master key.

      No, they can't. "Three men can keep a secret if two of them are dead".

      The fundamental assumption that the government can have a backdoor into all encryption that NOONE ELSE CAN EVER DISCOVER is ludicrous.

      Hell, it's ludicrous to suppose that none of the government types who have access to the backdoor will EVER misuse it.

      • Again, what you are saying is true, but IRRELEVANT. I totally agree that the government will misuse the master key. That is not something we disagree about.

        What I claim is quite simple - that Snowden's claim that our economy, government, etc. can not work without FLAWED encryption is wrong.

        Our economy works acceptably with FLAWED encryption. Is it a good idea? no. But his entire statement about 'encryption' being necessary misses the entire point of the argument.

        It isn't YES/NO on encryption, it is E

        • The economy today is almost entirely based on the public and business' trust in the ability to do (or appear to do) secure transactions online.

          If one or both groups twigs to the fact that there is no security at all, things will revert to the (equally insecure and MUCH slower) transaction by mail. Online purchases will cease.

          The US Fed isn't asking for "flawed" encryption, they're asking for NONE AT ALL.

          That's crazy town there.

          Plain and simple.

      • by DarkOx ( 621550 )

        Its worse than that. Lets go ahead and assume from this day forward nobody under government employee with access to the keys or control of key escrow system decides to do anything that is against law on their own behalf or the governments. Lets even assume they respect the gravity of the situation and always take the utmost care in their jobs, doing everything by the book every-time, never being lazy, never getting phished because they failed to perform a verification procedure completely and correctly et

      • And just today we have evidence that secret financial data/reports are being leaked prior to their release. And select individuals are getting to invest based on that information before everyone else.

        It is literally like being able to look into the future and invest based on tomorrows headlines.

      • Ed Snowden himself has demonstrated the problem with government secrets. (Unfortunately) All that it takes is one determined individual to unravel the whole deal.
      • I once had a saying from working in that field:

        If I can see you, you can see me. The uncertainty principle is a pretty powerful context.

        Now delaying or preventing you to see me.... that's intelligence work.

    • Re: (Score:2, Flamebait)

      by cfalcon ( 779563 )

      > No one (to my knowledge) really, truly objects to 'encryption'.

      > But a lot of governments object to encryption that they don't personally have a master key for.

      Encryption with a 'master key' isn't encryption. That's literally the whole fucking point.

    • The things he talks about can mostly be done even if the government has a master key.

      This is a fallacy. Evidence is that the government tried this before, and failed hard: https://en.wikipedia.org/wiki/... [wikipedia.org]

      If Key-Escrow were to actually work and be scalable - don't you think the Great Firewall of China would be using it everywhere?

      • by KGIII ( 973947 )

        So you're saying that the economy did not function during that time frame? You're saying that "everything stopped" during the time of the Clipper Chip?

        'Cause, I was there - I seem to remember it working.

        Do not, of course, think that I'm suggesting we do so again. No, to do so again would be idiotic. I entirely agree that the government are the last people I'd trust with a master key.

        I'm just not sure why you'd point to that and say it was a logical fallacy. 'Cause, well... Umm... I was there. The Clipper C

        • by Ken D ( 100098 )

          You must have a good imagination. Clipper chip never actually happened. It was still born.

    • by vux984 ( 928602 )

      But claiming that the internet depends on the government not having a master key is silly

      The existence of a master key is tantamount to not having encryption at all.

      The key would get out.All the bad actors (including the allegedly legitimate ones) that would misuse it would get their hands on it, and they would misuse it.

      There may as well be no encryption if you are going to create a master key.

    • It’s not the Internet that depends on it, it’s the security of all information which uses that encryption.

      What do you think a sovereign nation would pay to obtain that master key? Even if the key were restricted to just a few government workers, being able to decrypt the traffic of Fortune 500 companies or foreign governments would be worth billions to any other nation, particularly if said nation could obtain the key in secret.

      It’s almost like nobody saw “Sneakers” or somethin

    • Speaking of "master key," I once read about some sort of principle or rule-of-thumb that every security device has to have an escape hatch of some kind. For example, car doors could be opened with a "slim jim," safes and padlocks could be cracked by a qualified locksmith, and most password systems have a "password recovery" option of some kind. Does anybody know if there's a name and/or Wikipedia page for that principle?

      BTW, I'm not suggesting that government should have a master key, but I've been saved

    • by tom229 ( 1640685 )
      What are you taking about? The technical impossibility of having a master key for all encrypted data aside, where is this paranoia coming from? I can only assume from the hyperbole surrounding the recently proposed Compliance with Court Orders Act. [google.ca] I've linked it so you can actually read it. It's not long. You'll quickly notice there's nothing in there explicitly defining the type of thing you're talking about. Some people are concerned with some of the language being used and what it may imply, but this
    • Now, I totally hate the idea of a master key for most thing. (I can see it for special cases, mainly around money - I want the government to be able to undo thefts from large banks).

      I'd prefer they undo thefts by large banks.

  • by xxxJonBoyxxx ( 565205 ) on Monday May 02, 2016 @03:29PM (#52030581)
    >> Our intelligence agencies say computer security is a bigger problem than terrorism, than crime, than anything else

    If course they would say that. Their primary concern is informing and sustaining the government. The rest of us are just interchangeable, disposable meatsacks.
    • And you can murder thousands of meatsacks if you hack into a car manufacturer (does not have to be a smart car, just one where the electronics can override the hardware functionalities), and their security architecture looks like a star where the manufacturer can do instant OTA updates to all its cars. You just tell the cars to drive as fast as they can, disabling any brakes and steering, and if a certain tempo is reached (let's say 150 km/h), you simply swiftly steer to the left or right, and let the accid

    • If course they would say that. Their primary concern is informing and sustaining the government. The rest of us are just interchangeable, disposable meatsacks.

      what jerks! i identify as a sack of mostly water.

  • by wjcofkc ( 964165 ) on Monday May 02, 2016 @04:15PM (#52030909)
    So says Fareed, who also says Snowden is not a "technologist". Fareed keeps mentioning Bill Gates as some sort of all knowing technology god. Bill Gates is a business man with a background in technology. I am more than willing to wager that Snowden has far more expertise in these matters the Bill Gates. Otherwise he would not be in the sanctuary or Russia. I actually sat through the whole debate, and Fareed is so far out of his depth I am left wondering how he was selected at all for his side of the debate. It was so awkward I cringed at times.
  • It doesn't stop; its just that encryption gets reinvented over and over again. Things like where I send 3 separate communcations with every 3rd word in each of the 3. Or pen and paper encryption. Or software that mathematically scrambles communications but somehow isn't labeled encryption software. Or compression software that happens to have passwords.

    Or if encryption is really well banned and the monitoring is really good, then couriers who physically carry the data, and potentially in a form that eras
  • Nothing stops. Nothing... or you will do the hardest time there is. No more protection from the guards. I'll pull you out of that one-bunk Hilton and cast you down with the Sodomites. You'll think you've been fucked by a train! And the library? Gone... sealed off, brick-by-brick. We'll have us a little book barbecue in the yard. They'll see the flames for miles. We'll dance around it like wild Injuns! You understand me? Catching my drift?... Or am I being obtuse?

    • -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA256

      Easy Peasy, OpenPGP-y.
      Salvation lies within.
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v2

      iQEcBAEBCAAGBQJXKKFtAAoJEGgrLreJLenhWFsIAL0ZAFFpw6NQ0cMaecVwiXiW
      AmciZO5bvd+XfOLUUXnYcyhMe1pShA/Q22PBZrGzPBBoQsO0h6Hbga5psgSXDS/5
      Xci235JGiNyBH5UMc6aTHlMnhKV56UV6SNw+B+zuo/z7AiiXdL2OPOJUTIbe6TgJ
      6o5rzShVfbCUtqraXVzU/YSUfpWT81lpa0XQEAeb9H8kmcHaQAFpJMYFAexloTFp
      ZwWLILGxm4R7/Ul4BdHaolynqAPe5I8Vwg/7vzHCRPU/LQM43Plb+3CAr42ZTPFE
      UPkTFDesUzS+RRd+xQsLQsRWKTn+LZDQNs2LQ/ojmbnE32G1hT4Jq6tm

  • While he may be right with regards to things that are actually important, I'm really tired of being told that the video of my son taking his first steps needs to be encrypted. I would much rather have the ability to externally mount and recover my data than prevent some shadowy organisation from seeing it. All of these software companies are gleefully encrypting everything on my device, not because they give a shit, but because it's an extra reason for me to use their cloud backup services.

    It's like putt
  • When/why/how did Snowden become the the prophet of everything security??? It's hiring a serial killer to run a branch of the military...
  • Ask the military to operate without encryption. If they don't die of laughter they probably tuned you out entirely.

    How exactly do we protect online shopping carts without encryption?

    Or is it OK to protect those things and just not OK to protect person to person communication?

news: gotcha

Working...