Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re What if (ir)Responsible Encryption Back-Doors Were Possible?

From: "Dave Farber" <farber () gmail com>
Date: Mon, 10 Dec 2018 16:41:48 +0900



Begin forwarded message:

From: Henry Baker <hbaker1 () pipeline com>
Subject: Re: [Cryptography] What if (ir)Responsible Encryption Back-Doors Were Possible?
Date: December 9, 2018 5:32:19 JST
To: Ray Dillinger <bear () sonic net>
Cc: cryptography () metzdowd com

At 02:21 PM 12/7/2018, Ray Dillinger wrote:

From: Ray Dillinger <bear () sonic net>
For what it's worth I believe the only "responsible" backdoor suitable
for government use - particularly if it is something that can be
automated - is one that does not allow even one single use of that
backdoor to remain indefinitely secret.

We need a system for accessing the systems of a few dangerous criminals
that allows the government to PROVE at any point that it has not been
invasively scooping absolutely everything that belongs to absolutely
everybody.

In Broad Fuzzy Outlines leaving a million hard details and a hundred
refinements to be designed....

In order to get their backdoor key, perhaps, they have to interact with
a public block chain creating a blinded transaction.  And no valid block
can be created without unblinding the access transactions of blocks that
are turning more than (say) 180 days old.

Because I get the idea that sometimes you have to have covert access for
the sake of a specific investigation, of a specific person for evidence
of a specific crime.  But if that access never becomes known to the
public, or if people CAN use it in the belief that their use of it will
never be known, then it is guaranteed to be abused.

Every morning, political and business reporters (and inevitably gossip
and tabloid reporters) and courtroom attorneys (and inevitably mobsters)
should be waking up, having a healthy breakfast, and consulting the
chain to see the backdoor accesses unmasked this morning.

Every morning, paranoids and tinfoil-hats who irrationally fear the
government (and inevitably mobsters and shysters and spies who have good
cause to fear the government) should be able to reassure themselves by
checking the chain to see whether it reveals today that a while ago
their own data was accessed.

Unmasking shouldn't be required for accesses less than 6 months old, so
that a legitimate law enforcement purpose can be served before the
targets become aware.  But unmasking must become absolutely certain
after some time so that people cannot be deceived about the extent or
nature of the access.

Unmasking a backdoor access should reveal whose data was accessed, who
accessed it, when it was accessed, what specifically they were looking
for, why they had probable cause to believe it was there, and what judge
signed the search warrant.

Even the masked transactions on the chain must be known to exist; Nobody
should ever be able to authorize some program that harvests 330 million
people's data one morning without it becoming known, on the same
morning, that 330 million accesses were made.


Why don't we call a spade a spade?

The proper term is "IRresponsible encryption", since it opens up a
vulnerability to essentially *everyone*, regardless of their situation
or culpability.  But, of course, this proposal follows the age-old
rule that the *name of a bill/law* is precisely the opposite of its
intended purpose, which is why everyone thinks that legislators are
all liars.

Re: "2) No one wants to be in a position where a mass murderer has
encrypted data that cannot be revealed to law enforcement"

Joe Stalin said "a single death is a tragedy; a million deaths is a
statistic".

We've seen Stalin's rule operate recently with the murder of Khashoggi,
where the press is all up in arms about a single murder, when more
than 50,000 people have already died as a result of Saudi's attacks
in Yemen.  Apparently, more than just one person thinks that there
are 110 billion reasons why 50,000 people don't matter.

To better understand the FBI's "mass murderer" fetish, you also
have to understand the concept of *bootleggers and Baptists*, as
explained by Bruce Yandle to Russ Roberts on his Econtalk podcast
back in 2007.

Basically, Prohibition was made possible in 1919 by a combination
of the interests of bootleggers (who would make huge profits from
the lack of legal competition) and Baptists (who don't believe in
drinking alcohol).  While the reality was more complicated than
this, "bootleggers and Baptists" has become the label for strange
bedfellows who get together to pass a law otherwise unthinkable
for the rest of the population.  Thus, the bootleggers put forward
Baptists to carry their water, because no one is going to (publicly)
support bootleggers. 

http://www.econtalk.org/bruce-yandle-on-bootleggers-and-baptists/ 
<http://www.econtalk.org/bruce-yandle-on-bootleggers-and-baptists/>

Another similar situation was that of mothers who voted for Wilson
in 1916 because "he kept [our sons] out of war (so far)" (yes, women
were allowed to vote in 6 western states; see Michael Beschloss's
book on Presidents of War).  Alice Paul, the radical suffragette,
effectively traded her support for Wilson's war for Wilson's
support for the 19th Amendment -- she presumed that the ~117k
deaths and ~320k wounded were costs worth paying for its passage.

Yet another example is that of U.S. gun deaths, where ~34k people
were killed in 2013, *2/3's of which were suicides*.  To keep
things in perspective, ~33k people died in auto accidents in 2013.
Yet gun control advocates continue to inflate gun deaths with
suicide statistics, while simultaneously voting against physician-
assisted suicide.

The FBI and its apologists are attempting to use Joe Stalin's
rule and create a "Megan's Law" for encryption backdoors by pulling
out a single sympathetic individual to sway public opinion, when
the losers from such are *all the rest of us*.  The plural of
"anecdote" is not "data" !  (The plural of "backdoor" is not
"responsible" ?!?)

The FBI is also playing the Baptist for the Deep State "bootleggers"
who want to continue unrestricted & unwarranted mass surveillance.
Such bootleggers include the subject of a now-playing movie which
just won 6 Golden Globe nominations, and a judge who recently joined
the Supreme Court.

We're currently asking the designers of autonomous vehicles to
solve the "Trolley Problem", wherein a runaway trolley (or
autonomous vehicle) gets into a situation where 1 or 5 people
will die, and the autonomous vehicle must decide who will die.
Yet legislators themselves continuously pass laws which benefit
a vanishly small percentage of the electorate, while disadvantaging
everyone else.

https://en.wikipedia.org/wiki/Trolley_problem <https://en.wikipedia.org/wiki/Trolley_problem>

I'm sorry, but the tradeoff of making billions of cellphones,
laptops, routers, and other IoT devices vulnerable to save a
handful of people isn't worth it; among other reasons, we can
be sure that the vulnerabilities themselves will cause
additional deaths -- dead reporters, dead dissidents, dead
spies, etc.

One supreme court justice is supposed to have suggested that a
flush toilet is the drug dealer's best friend.  Yet not even
the FBI is suggesting that toilet manufacturers include a
"back door" in every toilet to catch a handful of drug dealers.

_______________________________________________
The cryptography mailing list
cryptography () metzdowd com <mailto:cryptography () metzdowd com>
http://www.metzdowd.com/mailman/listinfo/cryptography <http://www.metzdowd.com/mailman/listinfo/cryptography>




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20181210024204:12DE67EE-FC4F-11E8-9412-A4443787CC1A
Powered by Listbox: https://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: