
How not to report on the encryption ‘debate’ - jeo1234
http://www.cjr.org/first_person/misinformation_and_misconceptions_how_not_to_report_on_the_encryption_debate.php
======
cgm616
"We kill people based on metadata." \- former head of the National Security
Agency Gen. Michael Hayden

“metadata absolutely tells you everything about somebody’s life. If you have
enough metadata, you don’t really need content.” - NSA General Counsel Stewart
Baker

~~~
effie
Could you post a citation, please?

~~~
cgm616
[http://www.nybooks.com/daily/2014/05/10/we-kill-people-
based...](http://www.nybooks.com/daily/2014/05/10/we-kill-people-based-
metadata/)

------
marshray
OK, so we have another well written article explaining how attempts to
demonize encryption and put it back in the bottle are misguided, and the
spokespeople for the authoritarians and intelligence community are being
disingenuous on cable TV.

But most of us already knew this. So what I'm asking is:

* Are these well reasoned words affecting/effecting policy?

* How will we know?

~~~
apatters
Most of us who read Hacker News already know this, but it is important to keep
publishing and reinforcing the message for everyone else!

~~~
jlgaddis
But is anyone hearing the message other than us?

~~~
tedunangst
Have you tried using ALL CAPS?

------
meowface
I think this article is great, but something did stand out for me.

I'm a huge supporter of universal end-to-end encryption, but Feinstein's point
is making me feel some cognitive dissonance:

>"I think with a court order, with good justification, all of that can be
prevented."

There _are_ cases where I would want law enforcement to be able to read
encrypted communications in an emergency situation, with a valid court order.
If someone is being held hostage, for example. Of course I don't want
intelligence agencies having this same access; just very specific requests
during exigent circumstances, with judge approval. A real judge in a real
court, not a secret FISA court.

But to do that you need some kind of key escrow already set up with the
government, and if you have that, there's nothing stopping law enforcement and
intelligent agencies from spying on what they want when they want.

Right now this isn't a huge problem since a lot of people still communicate in
plaintext, or things that are encrypted but logged/intercepted by a central
location (Skype). But eventually more and more things will move to end-to-end
encryption.

What is the right way to handle this?

~~~
Zigurd
The right way to handle it is to enforce laws in meatspace. To create CP, for
example, you need to abduct and exploit children, and produce content. This
leaves a trail of money, places, and witnesses. Bear down on that instead of
snooping.

It could improve the effectiveness of law enforcement to force them to focus
on meatspace crime rather than playing with their shiny computer toys.

~~~
meowface
True, but that's not the same for downloading or distributing CP. You can do
that 100% online with no "physical" laws violated or money exchanged.

------
aczerepinski
If the government forces the big American tech companies to adopt weaker
encryption technologies, what's to stop terrorists from rolling their own
communication app? Or new tech companies from deploying apps from countries
where strong encryption is still legal? Would developers need to become
familiar with government approved algorithms?

Separate from the debate on whether this is a good idea, I'd love to see a
proposal for how a global encryption ban could actually be implemented.

~~~
csandreasen
Forcing the terrorists/criminals to roll their own encryption would be a huge
win for both law enforcement/foreign intelligence agencies and the general
public. When non-cryptographers write their encryption software the likelihood
that it's insecure goes up, and if they're off using Mujahideen Secrets v5.0
instead of WhatsApp their communications would stick out like a sore thumb
instead of blending in with regular users. When the terrorists/etc. don't
blend in, the FBI/NSA/etc. don't have to sift through mainstream
communications channels to figure out which people are bad guys and which are
just regular people.

