
NSA’s director says Paris attacks “would not have happened” without crypto - pavornyoh
http://arstechnica.com/tech-policy/2016/02/nsas-director-says-paris-attacks-would-not-have-happened-without-crypto/
======
valdiorn
Did everyone forget this:

"According to statements from French law enforcement, the attackers had used
standard SMS messages to communicate—not encrypted messaging apps on
smartphones."

~~~
SturgeonsLaw
Never let a good crisis go to waste.

The coordination is astounding. Crypto is being assaulted on all fronts by
establishment brass. Makes one wonder who's setting the agenda?

------
p4wnc6
At first I was going to criticize Rogers, the article's subject, with some
comments I reproduced below [1]. But really, I think the criticism is more
with the journalist's description.

There's evidence that Rogers is aware of the social value of cryptography and
is not advocating for government backdoors as a solution here. For example,
the article currently states

> Rogers called encryption "foundational to our future" and added that arguing
> over encryption backdoors was "a waste of time."

But then devotes much more space to other quotes by Rogers that might be out
of context. For example, this larger passage:

> "Is it harder for us to generate the kind of knowledge that I would like
> against some of these targets? Yes," Rogers told Isikoff. "Is that directly
> tied in part to changes they are making in their communications? Yes. Does
> encryption make it much more difficult for us to execute our mission. Yes."

So? All those things are true, but it doesn't mean Rogers is calling for
backdoors or legal changes to make those things easier. He may well be aware
that this is just a fundamental trade-off between security and privacy, and
that we have to get better at security without compromising on this particular
aspect of privacy.

It's easy to read this and think Rogers is listing off gripes about crypto,
but that doesn't seem like the whole story, and this seems much more like
clickbait on closer inspection.

I do think my original comments are relevant, just not necessarily as a
criticism of these comments by Rogers. So here they are anyway:

[1] Since crypto exists and is useful for human prosperity and protection from
untrustworthy government actors, why waste time talking about a counter-
factual situation where crypto didn't exist and the attack didn't happen?

Why be so lazy?

Why not instead talk about a world where crypto does exist, and where people
reap benefits of crypto helping protect them from untrustworthy government
actors, _and also_ attacks like those in Paris _are still prevented_?

Unless one can demonstrate there is an impossibility theorem here ... that
crypto implies unstoppable terrorism ... then it just seems lazy and
misinformative to spend time talking about wishful thinking of a no-crypto
world instead of working on how to both have crypto and thwart terrorists at
the same time.

~~~
yompers888
From the couple of discussions I've had with Rogers, he seems like he's too
grounded and aware of the world to actually pursue weakened encryption. Plus,
it would make the IAD half of NSA's mission almost impossible. When I've heard
him speak (to mostly non-technical audiences), the systemic issues he laments
are not the state of encryption, but talent drain from NSA because of falling
short in fulfillment/compensation, and that US companies aren't forthcoming
enough about breaches to support quick/comprehensive response.

From my impressions talking to various people who've worked within these sorts
of organizations, NSA's two huge problems are loose interpretations of USSID
18 (how much collateral spying/passive collect is too much?) and partnership
with organizations to whom USSID 18 does not apply.

------
ankurdhama
Two people were talking in XYZ language that I don't understand and then after
some time they attacked me. Dammit it "would not have happened" had they been
using the language I know of.

~~~
beefok
I realize this article is much more in-depth than the view of this author,
but.. Yeah, it's amazing how the approach to this has shifted. Imagine if the
Allies in WW2 had just complained about the Nazi cryptopgraphy and 'outlawed
it for everyone' instead of actually worked around it..

------
happyslobro
Random Troll says NSA "would not have happened" without crypto

