> The first lesson of encryption workarounds is that there are no guarantees. Workarounds are inherently probabilistic. On one hand, no approach will work every time. On the other hand, that a target has used encryption does not mean the investigation is over. The government has to search for a workaround that might succeed.
Note: The authors define a range of workarounds to include the "password sticky note on monitor" to "vendor installed backdoors".
Others suggest computational tokens as well to prevent mass spam. This might work too. Instead of "trusted" email addresses being passive on the receiver, trusted would mean "don't send a difficult auth token to the sender". Whereas if someone I've never communicated with before emails me, send them a computation that requires the server to do 30 seconds or more of work. Every subsequent message would have an easier token unless I flagged it as spam. Again, if the sender doesnt do the work, they get a "message rejected" failure.
No I don't think the blockchain would help here. It might be nice to upload your public key to it, and have a public "reputation score" about accusations of spam for each key, but keys need to be replaceable in the event of compromise and an attacker could replace someone's blockchain profile and there would be nothing anyone could do.
Real-time full-duplex encrypted and off-the-record communication between several anonymous parties is a new thing that skilled people can, with difficulty, obtain today.
Then instead of recognizing the possibility that a government could have evil laws that it enforced while technically following the processes assured by any key escrow type scheme, they characterize the problem as being one only of governments who do not adhere to the assured processes.
The thing is, a government could completely follow a processs and still do so for abusive reasons. The IEEE don’t see that as a problem in their scope of concerns, apparently.
The other huge problem with it is as mentioned above that it only focuses on (valid concern) the possible circumvention of one particular implementation (centralized) by people and governments behaving counter to the intent of the system. It completely gives hope to the fools who would work toward decentralized systems.
Further the trend in modern left-style rhetoric is to sacrifice civil liberties for civil-security which is why this topic is even being discussed again. If you are already mentally in the camp of sacrificing your liberty for security, no argument purely to the contrary will sway you. Personally I find it more productive to focus on the practical problems and use those to dissuade people instead of trying to convince someone to shift their ideaology. I'm not saying you're wrong that it's a weaker stance, but it may be a more effective argument...
At the end of the day the IEEE is a standards organization, not an internet ideaology group (c.f. The EFF).
Have you considered the cost of enforcing non-anonymous communication?
What is bad though is when people are redefining words to fit their story.
Did you mean that people are not invisible?
Anonymous speech is essential to public discourse and the "marketplace of ideas", precisely because it enables dissenting opinions to be voiced without fear of persecution and heard without an a priori bias for or against the speaker: Anonymous speech forces ideas to be evaluated on their own merits.
It's true: with anonymous speech, people will occasionally have to put up with libel without adequate recourse. On the other hand, without anonymous speech, unpopular or dangerous but critical ideas might never be heard, or be heard with widespread bias ("We have not only the right but the duty to rebel against the tyrannical King", "We should form a Federal Union", "The Pentagon and the White House have systematically lied to the American people about the Vietnam war for years and years", ...)
Don't forget that the all-time best-selling book in America, the book George Washington had read to the troops the night before crossing the Delaware and launching the pivotal battle of the Revolutionary War--was published anonymously. Nor should you forget that the battle of opinions on ratification of our Constitution mostly played out in newspaper articles--again, published anonymously.
Finally, consider that it has always been cheap to harm with anonymous speech. Graffiti is certainly nothing new. What scares you so much about an anonymous blogger?
> The certificate is only valid for the following names:
> * .wpengine.com, wpengine.com
> Error code: SSL_ERROR_BAD_CERT_DOMAIN
HTTPS is not deployed on globalpolicy.ieee.org.
There must be some misunderstanding. Not at all I'm saying or implying IEEE is being hypocrisy. I just wanted to point out the simple fact that there are still works need to be done to ensure "HTTPS by default" on the public internet. One website at a time. Perhaps we should start with this IEEE website which coincidentally published a pro-encryption statement.