That's even true, though perhaps less so, without the legislative majority. A lot of Democrats who don't look like solid opponents of surveillance now would if you considered only their relationship cord during the George W. Bush administration.
All it will take is a large-scale "terrorist attack". That event will be exploited to the hilt the same way 9/11 was.
The only thing I can think of is that the majority of people who advocate for encryption are anti-gun, and don't want to give strength to that argument?
But as I think about my stance on the legality of encryption it sounds pretty similar to the argument for guns. Still don't want one, but it's harder for me to be dismissive of a point when I turn around and use the same point for another issue.
Police violence is more of a way to discourage wrongdoing on the part of rational actors. Irrational actors (terrorists, mentally ill, drug-addled, enraged, desperate) probably won't be affected short of an oppressive police state.
If you buy that argument you could also argue that govermnets should be trusted as a holder of cryptogrphic keys.
Probably wouldn't end well for you though.
The right to keep and bear arms has more bearing on access to encryption than any other recognized right.
The 2nd - 6th on the other hand, watered down though they may be by subsequent court opinions, do directly deal on the relationship between things that an individual may possess which the government would seek to take from them for its own ends.
To me, the second set strikes far closer to the intent of privacy. Privacy is not some passive manner of communication. Privacy is fundamentally a weapon whose very existence challenges and bounds the desires of the state. Because privacy is fundamentally unknown.
Let's not pretend we're talking about encrypting just "the good messages". We're talking about encrypting child pornography, chemical formulas and processes for explosives, copywritten media, white/black/hispanic/asian supremacist propaganda, firearm schemics, computer viruses, and explicit pictures of ex-relationship partners.
The state has a reasonable interest in wanting some of this suppressed. But you have to make an all-or-nothing choice on whether it should be able to do that... or not.
This isn't about expression: it's about how we as individuals and citizens relate to our government and it to us.
And time, place, and manner restrictions on expression are limited by the First Amendment (case law gives them slightly less protection than content-based restrictions, intermediate rather than strict scrutiny.)
And encryption restrictions that permit it for certain uses and not for you others are, arguably, content-based restrictions.
We'll see how it goes though. I doubt the courts will be thrilled to do anything that circumscribes their own power.
basically, the private law-abiding citizen is the only one left out of the power loop. everyone else is armed to the teeth.
for those of you who are pro-crypto but anti-gun, the government considers crypto a weapon, plain and simple. they don't share your divided sensibilities. it's real easy -- they want to take both away from the populace, a little bit at a time. and of course the oldest trick in the book is divide and conquer. they know you don't want to apply the same arguments to both fights because of your feelings on firearms, and they are taking advantage of it.
that uneasy feeling you get when you consider a world without private access to crypto is the same uneasy feeling gun owners get when you talk about taking away their access to firearms.
As someone who has been anti-gun and pro-encryption, I'm now wondering how I reconcile these two stances that are at conflict with each other.
To be clear, I am both pro-encryption and "pro-gun". However, spinning the argument to present encryption as a more immediate threat can be done, and quite easily considering the fact that not many people understand it. The argument could even work on pro-gun people!
Incidentally, this is Jim Jefferies point about guns: guns are fun, people enjoy having them and shooting, so they rationalize with evil governements threats from centuries ago.
They are just tools. They can be used or abused.
You are not as rational as you think you are.
However, strong crypto and privacy are not useless today. I would bet that strong crypto has done more to protect, for example, Snowden, than guns.
In other words, crypto is the new guns - they are currently a tool that is useful for protection against a rogue government (at least in theory).
Well. Thank you. Your sarcastic reply helped me justify my pro-encryption and anti-gun stance :)
Unless, of course, you mean having access to a gun increases your chances of successfully committing suicide, which is fairly well established... but I think that this is rather different, at least in terms of connotation, than what you said. My impression was that you were implying that having a gun in the house makes you significantly more likely to be the victim of an accidental shooting, which while technically true, really isn't worth worrying about compared to, say, car accidents (or even airplane accidents) accidental gun deaths are very rare.
That's what is interesting to me in this whole gun debate. The majority of gun deaths are intentionally self-inflicted.
Interestingly, it seems to me that the people who support gun ownership more often than not oppose physician-assisted suicide, and vis-a-vis.
If you accept my assertion that the gun debate is actually about suicide, "From my cold, dead hands" takes on a whole new meaning.
> “Impulsiveness may be a catalyst in using a firearm to commit suicide and may also play a role in firearm-related homicide.”
I grew up with guns in the home, but these guns were for hunting / bear protection, not "self defense" and were stored unloaded and locked. I support the right to own guns but I find the willfully ignorant, cavalier and dismissive attitudes that many pro-gun advocates have towards the risks of gun ownership to be a shame.
Are you sure about the airplane accidents part? Do you have data to back it up? I know that traffic fatalities in the US are about even with gun fatalities overall , but if you can show that accidental gun deaths attributable to gun ownership at home are roughly equal to deaths from plane crashes, I'd be very interested in seeing that.
 https://en.wikipedia.org/wiki/List_of_countries_by_traffic-r... https://en.wikipedia.org/wiki/List_of_countries_by_firearm-r...
"Firearm— In 2013, 33,636 persons died from firearm injuries in the United States ( Tables 18 and 19), accounting for 17.4% of all injury deaths in that year. The age-adjusted death rate from firearm injuries (all intents) did not change significantly in 2013 from 2012. The two major component causes of firearm injury deaths in 2013 were suicide (63.0%) and homicide (33.3%). The age-adjusted death rate for firearm homicide decreased 5.3%, from 3.8 in 2012 to 3.6 in 2013. The rate for firearm suicide did not change significantly."
so, that gives us 96.3% of all gun deaths as either suicide or homicide, leaving 3.7% unknown. 3.7% of 33,636 gives us 1,245... okay, uh, so if all of those are accidental deaths, then I'm wrong, as planes aren't nearly that dangerous.
http://library.med.utah.edu/WebPath/TUTORIAL/GUNS/GUNSTAT.ht... - claims 600 accidental gun deaths a year
even this page (which reads as very anti-gun to me) claims a similar number:
But, even if the lower ~600 number is right, that puts it in the neighborhood of total airplane deaths globally... so it looks like I was wrong, accidental gun deaths are not rare compared to airplane accidents.
which apparently only gives me stats from 2013, NVDRS States: AK, CO, GA, KY, MA, MD, NC, NJ, NM, OH, OK, OR, RI, SC, UT, VA, WI
but it has a fascinating table of accidental gun deaths.
However, I'd still say that this doesn't detract much from my general argument that the gun control debate becomes more interesting (and, I think, makes more sense) if you understand that Americans use guns more often on themselves than on other people.
At an individual level it doesn't. At a population level there is an argument that it makes a guerrilla civil war potentially winnable by the rebels, which has a deterrent effect on extreme totalitarianism.
You're imagining construction workers and commercial airline pilots and physics professors against professional soldiers. Imagine 500 professional soldiers with the backing of 5000 construction workers and commercial airline pilots and physics professors take over the military base where those 500 soldiers were already a quarter of the garrison, because the 5000 already had their own small arms and knew how to use them.
Then they have tanks and planes and nuclear weapons and popular support and the same dynamic plays out at ten other military bases.
Democracies are stable because if you have enough people behind you then you can vote the bums out before you have to fight them militarily. But authoritarian "democracy" where you have a central government imposing controversial laws with only 51% national support and significantly less than that in specific regions is more than a little unstable.
I also disagree, conceptually, with the idea of fundamental rights: http://sonyaellenmann.com/2015/11/human-rights-are-not-innat...
However, citizens would probably still want to keep their data private from all kinds of other eavesdroppers just like they want guns to protect themselves from threats less capable than the military.
The fact that the government outscaled civilians RE: military power doesn't make it a useless law. Think abusive law enforcement at the local/state level.
People are shot and killed by law enforcement. Sometimes they're shot and killed very quickly, within 30 seconds of an officer arriving on scene.
People who are thought to be armed are often shot and killed by US police. Notice the "thought" there, many people are shot even though they don't have a weapon because law enforcement thinks the person has a gun.
Do you have any examples where an interaction between a citizen and a cop is made better by the presence of a gun on the citizen?
(I guess the strongest challenge to my argument is the presence of MalcolmX)
Better thought: Do you think a completely unarmed populace is a better idea given how bad police abuse their power?
Well, yes, I do.
The US is heavily armed. The US has a lot of poorly trained, unskilled, abusive police officers.
Gun ownership hasn't made US police any better. If anything it's made them far more lethal - one reason given (by both pro- and anti- gun advocates) for the shocking numbers of people shot and killed by US police each year is the presence of guns in the population.
When a police officer abuses their power I can grind through it, or I can pull a gun and get shot. In most cases getting shot is the worse outcome.
In that sense its the same as encryption, it all boils down to an argument of economics.
When the NSA wants to hack you, you are fucked. When the FBI wants to arrest you, you are fucked. Only in mass can either of these measures have a large impact on government policy. Both things stop the goverment from some actions that they might take.
I agree that guns have larger everyday danger effect then encryption. However Im not convinced that, its sufficantly good argument outlaw guns.
It didn't seem to stop them at Waco. Since they're getting army surplus from actual warzones I'm not sure the civilians can put up much resistance.
I don't have any insight into the gun lobby so I can't tell whether it is any accurate.
I fear the gun argument is further weakened by the fact that civilians can't have big anti-aircraft guns in their backyard pointed towards the sky. I bet I can't operate a decent early warning radar in my backyard without running afoul of some zoning ordinance or another.
There is only one reason the NRA has influence: members and sympathizers will vote on thier recommendations, they have a lot of members and the NRA will always endorse the most sympathetic candidate to thier cause regardless of party affiliation.
The pro encryption lobby could emulate this. Lobby groups like the eff need more members and crucially need members to vote for who they recommend regardless of the candidates other views ie. vote for Trump if he said he was pro encryption.
Encryption isn't so tangible. If certain forms of encryption were banned, we'd still have our computers and phones, and to the average end user, they'd be no different in their perception.
I'm a gun rights supporter, not so much because I give two hoots about guns, but because I see the fourth and second amendments as an overall proxy for the health of the bill of rights.
If the government wants to ban guns, or privacy, the remedy there is through amending the constitution, not simply pretending it doesn't exist, but we've allowed the government so much discretion and deference on matters like these, especially on guns, because we (as a people) don't particularly love them, and because the argument has historically been presented as "you don't want these bad people to have these loopholes", where bad people is interchangeably terrorists, gun owners, communists, or whatever the evil of the day tends to be.
EFF is a 501(c)(3) organization and is forbidden to endorse or oppose political candidates. That is different from NRA.
The federal government once classified encryption as a weapon, maybe we have 2nd amendments rights to it.
Because they aren't doing that is probably the reason why privacy/data protection is such a neglected issue during elections, and if it does get brought up is mainly from the perspective of "what other rights should Americans give away freely so the government can protect you".
The only reason it's been brought-up now is because of Apple, and even that is mostly spun in the government's favor in the media.
I don't know a single gun owner that wouldn't also be an advocate for encryption.
Guns are defense against guns in a way that encryption is not defense against encryption, so the notion that we are depriving non-criminals of an important defense against encryption-toting criminals carries less weight.
With guns you can execute a crime, with encryption you cannot.
It is true that you can plan a crime with the use of encryption, but we don't punish on intentions but only on facts.
It is not illegal to plan how to kill someone, while it is illegal to actually kill somebody or to try to do it.
What about the ransomware that encrypts your data and makes you pay money to have it decrypted?
With both guns and crypto, I think we're all better off to focus on keeping the tool legal and selectively outlawing certain human behaviors that use the tool.
This is a legal problem, not a technical one, we should stop to find technicalities...
Yes we do. Murder vs Manslaughter, "Intent to commit murder", "killing in self defense", theft and fraud are all crimes where someone's intentions are very important.
Didn't get the connection with "killing in self defense".
It is true that theft and fraud are all crimes where the intentions are important, however it applies after the crime is already been confirmed.
That we don't punish intentions but only fact is a major cornerstone of the western jurisdictional system; in my opinion is actually weird that we are discussing this.
Please note that the common definition of intents is different from the legal one.
If a reasonable person, in your situtioan, thought that their life was in danger, they can kill someone in self defence. This is less about "intention", but about "what's inside your head", but hose are very similar.
> It is true that theft and fraud are all crimes where the intentions are important, however it applies after the crime is already been confirmed.
Not always. Some countries say "theft" is only when you intend to permanently deprive someone of something. So if I find your wallet on the street, and pick it up in order to bring it to the police station, then I amn't guilty of stealing your wallet. Because I didn't intend to when I picked it up.
Anyway we are not going to ban paper, matches, lighters, and the mail services.
You are thinking more like a technician than like a lawyer...
If you think gun related jurisprudence is the way to rescue encryption try ITAR. Munitions = Arms = 2nd Ammendment
It's not done partly because the "anti-gun lobby" knows it would be a fruitless endeavor, and partly because most gun control advocates don't actually want to render guns useless by any means possible.
If you wanted to be really clever you could still allow ammunition, but limit the materials the bullet could be made from or limit the powder load. Attacking ammunition has got to be a more workable strategy than trying to restrict gun ownership without consitutional change.
Not much of a question. Although this is clearly hyperbole, I think the implication that our rights be "nerfed" through loopholes is unconstitutional.
In many people's eyes, it has.
My question is why have the anti-gun lobby not gone after ammunition. So far I have not had one good response answering this question.
Around here you are required to have a weapons safe to store almost any kind of weapon at home. This limits the risk of more guns getting into criminals hands as well as the risk of children toying around with them.
BTW another nice touch around here is you are required to have a reason for having a gun. That either means hunting, target practice or serving in the police or military. Reasons tends to be understood leniently (ie no one cares if you don't go hunting for a few years), except for handguns that requires the local chapter of a target shooting club to vouch for you.
I almost think you could get a good chunk of NRA behind something in these directions if you could somehow make sure it wouldn't be used for racketeering. After all NRA doesn't exactly look like raging bloodthirsty madmen, do they? Just like we aren't very fond of criminals just because we want to keep our encryption?
When you go on and on about this it is borderline trolling IMO.
My idea is to not try to get rid of ammunition by banning or taxing, but just degrade it's killing power via regulation to the point that it is harmless. You could still buy arms and ammunition, but you would not be able to kill anyone.
I should add that I am not arguing for the banning of ammunition, just why has this not been used as an attack vector on the gun lobby?
Besides, ok you ban the sale of ammunition. Now are you going to ban reloaders and selling of ammunition components too? How far are you willing to go down that rabbit hole? Noting that it isn't that hard to make ammunition are you going to ban the knowledge of that as well? It would be pretty easy for a lawyer to point out the whole idea is an end run around the spirit of owning armaments. For that reason alone its not any better of an idea than trying to ban guns outright.
Any such law would work its way up the legal chain until it got to the supreme court (assuming they chose to take it up the case). As the federal law on armor piercing bullets shows  there does not seem to be anything stopping congress passing a law regulating or banning ammunition. Instead of just limiting the ban to armour piercing it could be extended to a ban on ammunition that can pierce the skin.
If you are able to ban ammunition you could certainly ban the sale of the components to make ammunition. Sure there might be some individuals that choose to break these laws, but it would be pretty effective.
Ultimately the choice to do something like this would be politically, not constitutionally constrained. If you oppose the widespread availability of guns  why not try to think around the problem rather than bashing your head against the constitutional rock?
2. I am actually not personally opposed to gun ownership.
And this is why judges exist: to go "hey, that law is trying to work around the Constitution and therefore is unconstitutional." And I say this as someone very much in favor of gun control. But it must be approached legally, not with the mindset that the law is some kind of computer program executed by idiot minds.
It would be akin to banning cars by banning the sale of wheels. You will be hard pressed to say your intent is to stop people getting run over by stopping wheels from running people over. It is patently obvious your goal is to stop cars from being used. Even if you ban wheels with spikes on them that obviously only ever get used to destroy other cars, that doesn't mean that it is ok to ban all wheels using the same logic.
You'll probably want to ask a lawyer the legal situations behind your proposal. They'll be better able to elaborate. But in talking to some lawyer friends in the past, they note judges are really good at sniffing out attempts to work around the spirit or intent of a law.
I will say once again I am not personally in favor of gun control, just asking why the anti-gun lobby is not trying to go after the weak point in the regulation of guns (the ammunition) rather than the strong (the second amendment).
On the flip side, my first argument 2A, so now the burden is back on you.
In brief, strict scrutiny is the most stringent level of scrutiny, and rational basis the least stringent. Operating a vehicle on public roads is decidedly a right, but not a constitutionally enumerated one, so it is only held to rational basis. Rational basis scrutiny allows a right to be curtailed it, on a rational level, the curtilage is related to a legitimate government interest.
When strict scrutiny is applied, it means that a much more stringent justification must be met. Not only must it further a legitimate government interest, but it must also be the least restrictive possible means of doing so, and not fundamentally burden the right.
Banning teflon coated bullets does not fundamentally infringe the right, and is narrowly tailored enough that it survives the least restrictive means test. Banning all ammunition cripples the right, fundamentally, and is nowhere near tailored enough to survive heightened levels of scrutiny.
Just to nit pick it is not teflon coated bullets that are banned (at the federal level), but bullets made of certain hardened materials that are banned. The teflon is there just to stop the gun barrel being damaged.
I am not suggesting banning all ammunition (as a tactic), but degrading the killing power of bullets by legislating what they can be made from and how fast they can leave the muzzle. How much could the killing power of bullets be degraded before the law would be considered an infringement on the second amendment?
It's people asking questions like that, and failing to respect the spirit of the constitution that explains exactly how we've become a nation in which federal power is effectively unrestrained by the constitution.
Endorsing gun control means being an enemy to the bill of rights. Wiggling past scrutiny by playing legislative "I'm not touching you" games as you're doing weakens the whole of protections to the citizenry. Whatever semantic games you like playing against the second amendment sets precedent for those same games to be played by the other side for speech, privacy, abortion and marriage rights. It is the failure of the left to respect some rights, paired with the failure of the right to respect the others that has gotten us where we are.
Just because the government doesn't like a right doesn't mean they get to ignore it. Because people like you let them selectively ignore the rights you don't like is what gives them the power to ignore the rights you do. If you want to be constitutional (and you should), you can ban bullets by repealing the second amendment, or amending the constitution to state that bullets aren't protected by it.
As for the second amendment it has basically been totally gutted long ago since people have no access to true arms.
We've been making "modern" repeating firearms and ammunition for over 100 years - it's foolish to think that with modern precision technology being so cheaply available that the people would be unable to craft ammunition at home.
I want to point out the reasons for which that's impossible -- that the executive can't issue an EO that applies to the citizenry at large, and that there aren't any agencies that specifically regulate software companies, but as I can't find a loophole that hasn't been leveraged to render my arguments moot, I can't even convince myself that it couldn't be done.
That said, on paper, executive orders are only applicable within the executive branch. E.g., the president can issue an order that commands his agency chiefs to interpret a law a certain way, or compel them to issue internal commands to change an action that they are otherwise charged with doing, but laws to which the citizenry must comply need be done via Congress.
So, a hash function and not encryption? Got it.
Sarcasm aside, we really need to start using the correct terms.
| \`- Hash Functions
| `- Secret-Key Cryptography
| \`- Secret-Key Encryption
| `- Secret-Key Authentication
`- Public-Key Cryptography
\`- Public-Key Encryption
`- Public-Key Authentication
So, asymmetric cryptography.
Encryption is a reversible, keyed transformation of a message. If you cannot reverse it, it is not encryption. Calling it encryption just introduces confusion.
Unless there is a current lawsuit where an affirmative ruling would imply a general order to introduce backdoored encryption in an entire line of products, then it is not "a matter of time" - and thus is also the classic slippery slope fallacy - decision A does not decide decisions B, C and D without further consideration.
> The Justice Department and WhatsApp declined to comment. The government officials and others who discussed the dispute did so on condition of anonymity because the wiretap order and all the information associated with it were under seal. The nature of the case was not clear, except that officials said it was not a terrorism investigation. The location of the investigation was also unclear.
Just in case anyone was wondering if this was terrorism related, it is not. I suppose next is OpenWhisperSystems / Signal, etc.
I'm glad I've stuck with GnuPG for anything truly sensitive.
I couldn't find anything on the oficial web/blog, the single mention on security is this FAQ which is about server/device encryption.
A friend also told me E2E is only available for US users but unfortunatelly I can't confirm this because of the lack of communication from WhatsApp.
Edit: fixed typos
In any case, my family uses WhatsApp pretty heavily, and I love reading about their engineering, so I'm happy to hear that this encryption exists and is flustering a far-overreaching government. Now let's hope Apple et al prevail, because I like my non-backdoored encrypted messaging.
But those cases are only saying that companies can't comply to disclosure requests. That doesn't say if the encryption itself is weak or if the user has to completely trust that company. Just like the Apple case, where a 4-6 digit PIN is basically protected by Apple's secret firmware and its signing infrastructure.
There is nothing worse than a messenger that is commonly called secure but actually isn't (like the current implementation at WhatsApp). Cryptocat already had a massive disaster related to this problematic. Known as the chat program for activists in danger, it had a mathematical bug that made it nearly as weak as cleartext. Another one: As long as people aren't always explicitly using Secure Chats, Telegram isn't more secure than WhatsApp and doesn't use any end-to-end encryption. Still hyped for its security. While secure clients can definitely exist, most of the famous everyday solutions are just FUD and bullshit.
Listen to what Im saying. End to end encryption, however badly imemented, rolled out to 300 million people is a extremly big deal.
Just for the fact that it counteracts the belief that only suspect people use encryption. Also even badly implemented end to end encryption stops lazy dragnet survailance. The policy or the FBI simple do not have the ability to MITM billions of messages every day.
Remember that most texting was essentially done in cleartext before this.
And at that point it's just speech. I don't mean "like speech", or "something sophisticated people should recognize as speech", or "code is speech" ... I mean, it's just plain old speech. Just very boring, long-winded (and extremely precise) descriptions of computer source code.
So perhaps there will be some pain and perhaps there will be some years before it finally gets to the supreme court, but in the end, it's just speech.
Will they change the 1A ? Would they ?
So, if it simply looks encrypted, but acctually contains randomized meaningless shit, how can anyone prevent me from bahaving in this manner, and claim that I've done harm?
I've paid for the service, and I can spam it with trash as I see fit.
In the US, you will be held in contempt for failing to decrypt data when ordered if they can show that you "probably" have access to it and it's relevant to the charges against you. This also means prison for many years for failure to decrypt, even if you can't.
IMO that would be awful.
In case of the good old phone system, the very way that worked maked wiretapping very easy. The same was true for physical mail (one major reason why most states created and held on to the monopoly on mail for so long).
With email and IM this is - again due to the way this works - a lot more difficult. Artificially restricting encryption just so they can keep on doing things the way they're used to is a bad idea, and kind of naive, too.
It is inevitable that this change, lwft unchecked, will increase citizen privacy AND decrease law enforcement effectiveness. The HN community is very aware of these privacy benefits, but skeptical about the security costs. I wonder how far security must slip before those costs become apparent.
Until that happens, we basically have two camps of experts talking past eachother. The tech community sees the privacy cost, the law enforcement sees the security cost. Both back up their claims with "trust us, this is what we do for a living." This makes it very difficult to create a policy solution.
We have few ways to hide metadata and those are of major imprtance. Investigating crime is now far easier the it was at any time beore 1995 and the world did go to shit then.
I don't understand why people think this is an issue. While you could certainly imagine the PRC being emboldened, it's not like their history of human rights abuses has kept them in check. The only thing which does is how much they love trade with the west, but it would be entertaining the amount of blowback making a move against Foxconn would create (also worth considering: China, land of fake electronics components and seizing memory cards at the border, is where all your iPhones are being made...)
Don't use Wickr.
Proprietary crypto + an interesting target for NSA because of its popularity among ISIS = probably snake oil and at the very least makes you a target
"Career criminals recommend it" isn't a good indicator of security. Two things to consider:
1. Confidential informants exist
2. Being a high-risk individual doesn't make you a domain expert
Ask your drug dealers to explain why RSA encryption with PKCS1v1.5 padding is bad. If they can't, disregard their opinion on cryptography and privacy technology.
I'm doing my part, too! :)
Sure doesn't help when this is how the media describes a text messaging app.
I will be sure the take the discussion on RSA encryption with PKCS1v1.5 padding the next time I see those guys. Probably without mentioning ISIS..
Modern standards like SHA3 are designed far better and in a way that make it way harder for anybody to build in a backdoor.
This is one of the few areas we dont have to worry to much about.
What we need to worry about is addoption of good defaults by the large majority.