Hacker News new | comments | ask | show | jobs | submit login
IEEE Position Statement in Support of Strong Encryption [pdf] (ieee.org)
170 points by DyslexicAtheist 7 months ago | hide | past | web | favorite | 22 comments

If you're interested in an exegesis of encryption from a legal perspective, I suggest reading one of the citations: "Encryption Workarounds" (O. Kerr, B. Schneier) Georgetown Law Journal https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2938033

> The first lesson of encryption workarounds is that there are no guarantees. Workarounds are inherently probabilistic. On one hand, no approach will work every time. On the other hand, that a target has used encryption does not mean the investigation is over. The government has to search for a workaround that might succeed.

Note: The authors define a range of workarounds to include the "password sticky note on monitor" to "vendor installed backdoors".

Good to see this strong statement against backdoors being made by the IEEE. But what seems never to be mentioned in these discussions is anonymity: while I completely believe in the right of any one to send communications securely, I do not have the same belief that people should be able to be anonymous. I think there should be layers of anonymity and I should have the right to decide if I would ever receive a truly anonymously sourced message. Other identities should be protected, but subject to legal disclosure with the usual legal protections.

Public key encryption has solved this via signing. What needs to happen is collective marketing to promote some kind of "email 2.0" that requires public keys with the option to tie them to social media (perhaps the government, but they have a bad track record with technology) . That protocol would return a message saying "your email was not delivered because you didn't sign it with a public key".

Others suggest computational tokens as well to prevent mass spam. This might work too. Instead of "trusted" email addresses being passive on the receiver, trusted would mean "don't send a difficult auth token to the sender". Whereas if someone I've never communicated with before emails me, send them a computation that requires the server to do 30 seconds or more of work. Every subsequent message would have an easier token unless I flagged it as spam. Again, if the sender doesnt do the work, they get a "message rejected" failure.

No I don't think the blockchain would help here. It might be nice to upload your public key to it, and have a public "reputation score" about accusations of spam for each key, but keys need to be replaceable in the event of compromise and an attacker could replace someone's blockchain profile and there would be nothing anyone could do.

But communication by an anonymous sender, and, indeed, anonymous sending of small physical objects, has been available ever since public postal services were implemented, in the 17th century. I'm not sure it's worth trying to roll that back.

Real-time full-duplex encrypted and off-the-record communication between several anonymous parties is a new thing that skilled people can, with difficulty, obtain today.

Let’s not confuse things here. It is a statement on strong encryption. Not to be confused with a strong statement. It is not a strong statement. It is a very weak statement. It takes a stand only against “centralized” schemes, meaning they couldn’t come to agreement on whether to oppose decentralized schemes, which have most of the same problems.

Then instead of recognizing the possibility that a government could have evil laws that it enforced while technically following the processes assured by any key escrow type scheme, they characterize the problem as being one only of governments who do not adhere to the assured processes.

The thing is, a government could completely follow a processs and still do so for abusive reasons. The IEEE don’t see that as a problem in their scope of concerns, apparently.

The other huge problem with it is as mentioned above that it only focuses on (valid concern) the possible circumvention of one particular implementation (centralized) by people and governments behaving counter to the intent of the system. It completely gives hope to the fools who would work toward decentralized systems.

I think they're trying to focus on arguing the points that are more obviously problematic. I'm not sure if you asked the average person today that they would even be worried about abuse of power by their own government, despite history showing we should, unfortunately.

Further the trend in modern left-style rhetoric is to sacrifice civil liberties for civil-security which is why this topic is even being discussed again. If you are already mentally in the camp of sacrificing your liberty for security, no argument purely to the contrary will sway you. Personally I find it more productive to focus on the practical problems and use those to dissuade people instead of trying to convince someone to shift their ideaology. I'm not saying you're wrong that it's a weaker stance, but it may be a more effective argument...

At the end of the day the IEEE is a standards organization, not an internet ideaology group (c.f. The EFF).

People on the street communicate with you all the time. Communication is not only digital communication. These people don't have to be non-anonymous to communicate effectively or for you to trust or distrust their message.

Have you considered the cost of enforcing non-anonymous communication?

People on the street are not anonymous. Their bodies are right there, available to be seized by police if the speech crosses certain lines (stalking, threats, etc).

Words means different things to different people.

What is bad though is when people are redefining words to fit their story.

Did you mean that people are not invisible?

I share your belief. I believe this is no brainer. Communication can be harmful. This has been known forever. Yelling fire in a theatre, slander, etc. If strong anonymity becomes easy, then it becomes cheap to harm with speech anonymously. We should provide means to preserve the anonymity of whistle blower. What we should not strive to create are strongly anonymous alternatives to mass communication platforms -- twitter, blogs, messaging, etc.

I could not disagree more. Thankfully, the US Constitution is on my side and not yours.

Anonymous speech is essential to public discourse and the "marketplace of ideas", precisely because it enables dissenting opinions to be voiced without fear of persecution and heard without an a priori bias for or against the speaker: Anonymous speech forces ideas to be evaluated on their own merits.

It's true: with anonymous speech, people will occasionally have to put up with libel without adequate recourse. On the other hand, without anonymous speech, unpopular or dangerous but critical ideas might never be heard, or be heard with widespread bias ("We have not only the right but the duty to rebel against the tyrannical King", "We should form a Federal Union", "The Pentagon and the White House have systematically lied to the American people about the Vietnam war for years and years", ...)

Don't forget that the all-time best-selling book in America, the book George Washington had read to the troops the night before crossing the Delaware and launching the pivotal battle of the Revolutionary War--was published anonymously. Nor should you forget that the battle of opinions on ratification of our Constitution mostly played out in newspaper articles--again, published anonymously.

Finally, consider that it has always been cheap to harm with anonymous speech. Graffiti is certainly nothing new. What scares you so much about an anonymous blogger?

Also, remember that in many countries people don't have the legal protections for speech that Americans do.

Anonymity doesn't imply lack of individual control or moderation and is absolutely necessary for privacy, security, freedom of speech. If communications are identifiable by third parties all three can be defeated through censorship, spying, coercion and other means.

Why do you think that?

Just two examples: Imagine if I could set a preference in my email client that said "I do not accept anonymous emails". No more junk mail. And, secondly, that if I did get a spoofed communication that caused some sort of harm, I could in some way track down the spoofer. These would be big improvements to life on the internet.

Right, but there's a very big difference between "I'd prefer if my system dropped all unauthenticated incoming messages", and what I thought OP might have meant "nobody should be able to communicate without their state-issued ID attached".

Most spam (received by servers I manage, at least) aren't spoofed nowadays. They come from mail accounts that have been compromised and hijacked to send out spam.

Yeah, identity doesn't count for much when its easily lost. Look at all the issues we have today with identity theft. Attaching identities to more things would make it worse, perhaps to the point where its meaningless

With enough participants, security implies effective anonymity. See Tor.

> globalpolicy.ieee.org uses an invalid security certificate.

> The certificate is only valid for the following names:

> * .wpengine.com, wpengine.com


HTTPS is not deployed on globalpolicy.ieee.org.

It's quite interesting to see my comment, first got a couple of upvotes and went to the top (because it looks interesting?), then got a couple of downvotes (because my comment was seen as nonconstructive? 0r because it ranked #1 and some thought it shouldn't?), finally got more upvotes.

There must be some misunderstanding. Not at all I'm saying or implying IEEE is being hypocrisy. I just wanted to point out the simple fact that there are still works need to be done to ensure "HTTPS by default" on the public internet. One website at a time. Perhaps we should start with this IEEE website which coincidentally published a pro-encryption statement.

I think you're attributing too much weight to a comment moving up and down a thread without being made dead.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact