
IEEE Position Statement in Support of Strong Encryption [pdf] - DyslexicAtheist
http://globalpolicy.ieee.org/wp-content/uploads/2018/06/IEEE18006.pdf
======
davidkuhta
If you're interested in an exegesis of encryption from a legal perspective, I
suggest reading one of the citations: "Encryption Workarounds" (O. Kerr, B.
Schneier) Georgetown Law Journal
[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2938033](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2938033)

> The first lesson of encryption workarounds is that there are no guarantees.
> Workarounds are inherently probabilistic. On one hand, no approach will work
> every time. On the other hand, that a target has used encryption does not
> mean the investigation is over. The government has to search for a
> workaround that might succeed.

Note: The authors define a range of workarounds to include the "password
sticky note on monitor" to "vendor installed backdoors".

------
herodotus
Good to see this strong statement against backdoors being made by the IEEE.
But what seems never to be mentioned in these discussions is anonymity: while
I completely believe in the right of any one to send communications securely,
I do not have the same belief that people should be able to be anonymous. I
think there should be layers of anonymity and I should have the right to
decide if I would ever receive a truly anonymously sourced message. Other
identities should be protected, but subject to legal disclosure with the usual
legal protections.

~~~
DSingularity
I share your belief. I believe this is no brainer. Communication can be
harmful. This has been known forever. Yelling fire in a theatre, slander, etc.
If strong anonymity becomes easy, then it becomes cheap to harm with speech
anonymously. We should provide means to preserve the anonymity of whistle
blower. What we should not strive to create are strongly anonymous
alternatives to mass communication platforms -- twitter, blogs, messaging,
etc.

~~~
kyboren
I could not disagree more. Thankfully, the US Constitution is on my side and
not yours.

Anonymous speech is essential to public discourse and the "marketplace of
ideas", precisely because it enables dissenting opinions to be voiced without
fear of persecution and heard without an _a priori_ bias for or against the
speaker: Anonymous speech forces ideas to be evaluated on their own merits.

It's true: with anonymous speech, people will occasionally have to put up with
libel without adequate recourse. On the other hand, without anonymous speech,
unpopular or dangerous but critical ideas might never be heard, or be heard
with widespread bias ("We have not only the right but the duty to rebel
against the tyrannical King", "We should form a Federal Union", "The Pentagon
and the White House have systematically lied to the American people about the
Vietnam war for years and years", ...)

Don't forget that the all-time best-selling book in America, the book George
Washington had read to the troops the night before crossing the Delaware and
launching the pivotal battle of the Revolutionary War--was published
anonymously. Nor should you forget that the battle of opinions on ratification
of our Constitution mostly played out in newspaper articles--again, published
anonymously.

Finally, consider that it has always been cheap to harm with anonymous speech.
Graffiti is certainly nothing new. What scares you so much about an anonymous
blogger?

~~~
forapurpose
Also, remember that in many countries people don't have the legal protections
for speech that Americans do.

------
bcaa7f3a8bbc
> _globalpolicy.ieee.org uses an invalid security certificate._

> _The certificate is only valid for the following names:_

> * _.wpengine.com, wpengine.com_

> _Error code: SSL_ERROR_BAD_CERT_DOMAIN_

HTTPS is not deployed on globalpolicy.ieee.org.

~~~
bcaa7f3a8bbc
It's quite interesting to see my comment, first got a couple of upvotes and
went to the top (because it looks interesting?), then got a couple of
downvotes (because my comment was seen as nonconstructive? 0r because it
ranked #1 and some thought it shouldn't?), finally got more upvotes.

There must be some misunderstanding. Not at all I'm saying or implying IEEE is
being hypocrisy. I just wanted to point out the simple fact that there are
still works need to be done to ensure "HTTPS by default" on the public
internet. One website at a time. Perhaps we should start with this IEEE
website which coincidentally published a pro-encryption statement.

~~~
_verandaguy
I think you're attributing too much weight to a comment moving up and down a
thread without being made dead.

