> "The claims that the blockchain advocates make are not true," said Bruce Schneier. "It's not secure, it's not decentralised. Any system where you forget your password and you lose your life savings is not a safe system," he added.
His tweet. He clearly identifies the problem as “lost password” implies disaster. This line of thinking is what the government uses to argue for back doors in cryptography software. The position he is taking leads to the argument that we need our cryptographic keys backed up by the state/corporations so that we don’t lose our life savings.
Have you considered the possibility that maybe he's simply advocating for a customer service representative who can reset your password in the SQL database after verifying your identity, instead of going back on everything he's ever said and repudiating his life's work as a well-respected security professional, and that perhaps Bruce Schneier is not just an unethical hack like the crypto bros he's criticizing?
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.
Edit:
politician> Without the man coming on HN and explaining his apparently incongruous position, though, who can say?
Bruce Schneier explains why he's not coming on HN and explaining his apparently incongruous position to you:
Bruce> Honestly, I can't care very much about random conversations that misrepresent me. Life is too short.
Don> Am I right to presume you don't directly or indirectly advocate for backdoors, and your position on cryptocurrencies is not incongruous with that? ;)
Bruce> Of course not. I don't even understand how "blockchain is useless" has anything to do with backdoors.
Don> If so, could I share that fact, and have you written any articles about your position on backdoors that I could link to please?
Just read your latest edit: Thank you for reaching out and getting a definitive answer. For the record, I don't object to the argument that "blockchain is useless" - I don't think it's useless, but I can understand why many people do believe that. What was off-putting about his tweet was the notion that it's an unsafe system that arises from unrecoverable private keys, or, in other words, systems whose security depends on the privacy of private keys are unsafe.
I am allowed to be disappointed in his advocacy of a position that undermines his life’s work. That his major accomplishments are cryptographic in nature is precisely why I called him out specifically, and not some random hack.
Don, sometimes people can find themselves advocating for policies that accidentally undermine their long held positions in other areas.
Without the man coming on HN and explaining his apparently incongruous position, though, who can say?
It’s only your weird interpretation of what he’s saying that undermines this though.
He’s saying systems where you could lose your life savings to a forgotten password are unsafe. This is clearly true. He hasn’t proposed a specific solution but I think it’s far more likely he believes in “use other systems” than inserting a back door into the system he’s identified as fatally flawed.
1) Bruce says systems that result in catastrophic loss from loss of a password are unsafe.
2) Reading at face value, Bruce's idea of a safe system is one where your passwords are recoverable.
3) Bruce knows that wallets are secured by asymmetric cryptography, not "passwords". Therefore, he must be simplifying for a general audience.
4) Reconciling the previous two points results in an argument for mandatory private key escrow.
It does not make sense that Bruce would advocate for mandatory key escrow, and yet, that is the logical endpoint of the argument he made in his tweet for supporting this letter.
Because it’s extremely consistent he’s arguing the system in question is fatally flawed and that he opposes it entirely. He doesn’t need to be advocating for some back door in crypto when “don’t use crypto” is a better simpler explanation of his position. I think his signing a letter that may argue for a ban of crypto is fairly consistent with this.
By your argument anyone who is in favor of reducing child molestation is indirectly advocating Orwellian levels of state surveillance because some people that want such surveillance might use reducing child molestation as one of their arguments for it.
Similarly anyone that argues for reduction in net greenhouse gas emissions to fight climate change is indirectly advocating for a dystopian future where the government monitors everything we do at a fine grained level because people who do want such a dystopian future might use reducing greenhouse gas emissions as one of their justifications.
And what about building bike paths and walkable neighborhoods and public transit? Also indirectly promoting the surveillance state. They make it easier for people to live in dense car-free neighborhoods, and the denser the population the easier it is to surveil them. Dense housing means your neighbors hear more, and those neighbors might be informing the State. Public transit like buses and trains will have cameras (for safety they claim) but really just make it easier for them to track the movements of many people at once.
It's certainly a needle you can thread, but I don't think such nuance will be a winning political argument.
e2e encryption is in danger as is, and the strongest arguments against both are rooted in the same ideological substrate (criminals vs those needing protection); as are the arguments in favor.
The Supreme Court of the US has determined money to be speech, so this is an unwise position to take.
If you ask the government to prevent the use of cryptography in cryptocurrencies then you undermine the argument that the government should not tap or intermediate all communications.
At the end of the day, a financial transaction IS a message. It’s a command to a ledger to make an adjustment.
IANAL, but as far as I understand, "money is speech" relates to the 1st amendment, whereas wiretapping and key escrow relate to the 4th amendment. Which legal theory could be reasonably applied to map from "ban/regulation of crypto-currencies" to "ban/regulation of E2EE communication"?
I'm specifically asking for a legal theory, not a political framing, because your explicit mention of the Supreme Court implies a scenario where politics will ban/regulate one of both things, and then courts will employ the "money is speech" argument to map the ban/regulation of that one thing onto the other thing.
Good question. When you look at the original tweet, he said that systems that lack recoverable credentials are not “safe”. From there, it’s easy to argue that if we want “safe” systems, then we need recoverable credentials. Recoverability in a cryptocurrency context necessarily implies mandatory key escrow or algorithm backdoors.
This is my line of reasoning. Whether he dislikes cryptocurrency or not is irrelevant, but the argument that you cannot have a safe system with private credentials was what I found objectionable.
EDIT: Re legal theory: The idea that cryptographic systems are unsafe is likely to result in a weakening of protections for such systems. Cryptocurrency is an easy target because it’s essentially 100% cryptography and because it has no patron. The banning of cryptocurrencies can be extended to a ban on private keys via the safety argument.
Closest analogue might be gun control (Encryption is legally considered a munition).
Last edit, I promise: this creates a situation where a cryptocurrency wallet is simultaneously a munition (2nd amendment), speech (1st amendment), and secure papers (4th). Legislators could use this nexus to move between domains to expand the scope of any bans.