Why does this say that the DOJ has been pushing for this since 2016?<p>They have been pushing for some variation on this since basically forever. I first became aware of it back under Clinton with the <a href="https://en.wikipedia.org/wiki/Clipper_chip" rel="nofollow">https://en.wikipedia.org/wiki/Clipper_chip</a>. And the debate has been essentially the same since.<p>Law enforcement wants to be able to break security, and promises that their super secret, super safe system will provide everyone else protection from evildoers while letting law enforcement find the bad guys. Cryptographers have maintained that when you create a back door, it is a question of time until it is found and publicized.<p>And the back door doesn't even have to be found to be abused. Because it will be made available to law enforcement and the courts. Which are surprisingly easy for third parties to subvert. And which are happy to build programs for themselves that break the rules that they are supposed to follow. (Snowden anyone?)<p>Success has gone to both sides. But on the balance, the cryptographers have been right.
A small anecdote.<p>A few years ago in an undergrad business class, we were having some discussion and the topic of encryption came up during one of my presentations. A student asked a question related to the ethics of encryption (I don't recall exactly what), and I was clearly confused by the question.<p>To clear up confusion, the professor asked those who thought encryption was "bad" to raise their hand, and at least 60% of the class raised their hands.<p>It was pretty jarring to me, and makes me pessimistic about the outcome of a DOJ campaign to demonize and regulate encryption
> the “techlash” by Congress and the public “in the wake of myriad privacy scandals” and the 2016 election<p>This just makes my head explode. Because tech companies tend to be poor at privacy, let's use that logic to make it so the government can invade your privacy anytime they want?
Isn’t the tech lash for the complete opposite reasons? The fact that too many people have too much of our data? Why would people (outside of effective propaganda, which would be true even without the tech lash) support something that makes their problems worse?
So terrorists will use one-time pads and other strong encryption and everyone else will have their information exposed on a massive scale when the backdoors inevitably are exploited.
I was talking to a layperson about encryption and privacy and they were very much against both interestingly. They compared encryption to wearing a mask in public and said if people don't want to be noticed (w.r.t privacy and encryption) they shouldn't be "participating" (it was unclear what they meant by this).<p>Just goes to show you how the average person thinks about these things. I have to admit I wouldn't like it if people wore masks in public in a way where I couldn't recall their face, but I don't think that's necessarily the same as encryption, but I guess I see the comparison.
I guess it comes down to who are you more afraid of? Terrorists and pedophiles or law enforcement with unlimited power and resources to spy on you and imprison you. Of course it's a false choice anyway, if encryption is legislated away the bad guys will very easily continue to encrypt their communications anyway, after all you can communicate with someone by shooting a wall in a game of halo if you want to.
We tried to respond thoughtfully to each of the strange arguments made by the DoJ regarding the need for encryption backdoors to protect children:<p><a href="https://blog.nucypher.com/todays-kids-need-end-to-end-encryption/" rel="nofollow">https://blog.nucypher.com/todays-kids-need-end-to-end-encryp...</a><p>It's difficult at this point to think that the DoJ is arguing in good faith.
You first DOJ. These folks want back doors so they can read everyone's traffic, but once you put a back door in an encryption standard, it affects everyone.
This is genuinely threatening to too many interests in the US, will not pass. Much smoke, but no heat, just like the last few times its been proposed. They will not get a master key to everything lol, nobody trusts DOJ like this. The people in power have dirt to hide too, just like you and me.
This will just push people to open source applications and peer to peer networking. Basically, devolve back to the early days of the internet with regard to person to person communications.<p>How is the DoJ going to force Signal or even Telegram to add a back door?
Encryption keeps the government out of things it shouldn't be snooping on, and also keeps other governments out of those things. If key escrow is mandated, it would be cracked to high heavens by parties unfriendly to the US within a year or two,tops, mark my words. Then what?
Shouldn't the US government be pushing good encryption? I wonder what sort of world we would be living in if the NSA had spent 1/2 as much time over the last 10 years trying to protect Americans from hacking as they do trying to spy on Americans.
Privacy is extremely important, especially as also our democratic governments cannot be trusted always, at least this is the impression I get when reading the interview with the UN Special Rapporteur on Torture concerning the Assange case: <a href="https://www.republik.ch/2020/01/31/nils-melzer-about-wikileaks-founder-julian-assange" rel="nofollow">https://www.republik.ch/2020/01/31/nils-melzer-about-wikilea...</a>
MITM-as-a-business has been nothing but a slow motion train wreck destroying individual liberty. FAANG may bicker with the DOJ/NSA (and Ma Bell) about who is in control of all the surveillance data, but none of them are fighting for <i>we the people</i>. They're all just jockeying over who gets to rule.<p>The sane response to corporate totalitarianism is most certainly not government totalitarianism. Sadly with how the two political salesteams frame a false division merely over different flavors of authoritarianism, this has a good chance of working.<p>As always, the true answer is trustable software running under the control of users ourselves. Unfortunately, we will have to see how bad things get before most people are driven away from all of these centralized attractive nuisances.
Are there any concrete proposals on the table that can be looked at?<p>This feels to me like one of the typical debates where people are shooting at each other but nobody understands what they really are talking about.
Is this news or is this a blog post? I understand it's very informed, and I don't necessarily mind opinionated journalism, but this seems to be speculating as to the motives of the FBI.<p>To me, this seems like only one very passionate side of an important debate. A big question I have is, "how likely is this legislation to actually become law?" UK and Australia passed similar laws, sure, but they also banned guns and that's not gonna happen here.
OK, so how have things been going for the UK and Australia? Has anything concrete actually happened as result of the legislation that has helped law enforcement get access to encrypted communications?<p>In other words; does legislation actually make a difference in practice? Or is it just some sort of pointless political signalling?
I think the term "techlash" is an attempt to shape opinion on the existence, source, nature and of the problem being discussed.<p>Really, the issue is "corplash", or backlash against large corporations abusing privacy... and even then, it's really not the corporations' fault, it's the fault of the US government for not making what they're doing illegal.<p>Corporations are actually obligated to make money for their shareholders. A corporation does not have the free will to choose a moral course over those obligations, especially in the US.<p>Corporate officers have to seek out and take advantage of every opportunity to make money available to them or otherwise they may well lose their jobs or even be sued.<p>Since it's not illegal to make money off of invading privacy, corporations are obligated to try provided doing so won't negatively impact their profits.<p>Calling it "techlash" implies that somehow tech is at fault, or even large tech corporations, but in truth the US Government is at fault for not updating privacy laws for the computer age. The term directs anger away from the real culprits.
Real criminals won't use such platforms anymore, but use custom end-to-end encryption. They'll find people to make them something, if need be by using steganography.<p>This will only hit innocent people or low-level criminals, the real bad actors will find ways around it.
People eager to give others power over them don't really appreciate what it's like to live under a totalitarian state.<p>The older I get the less hope I see of people learning anything from history. Perhaps we really are doomed to repeat it.
I'm guessing this is cryptographically impossible but are there any schemes that allow 2 different keys to decrypt to two different messages for deniability? Perhaps a key containing a seed number to adjust the algorithm?
So there is a "techlash" against privacy abuse now, and DOJ thinks it's a good idea to push even further privacy breach by fighting encryption? How stupid is that?<p>Hopefully they'll get even a stronger push back.
As soon as law enforcement is granted any exceptional access they’ll go on to claim they need more access and less oversight.<p>As soon as they’re granted such access it will become an irreversible status quo.
Seriously question, how are they going to stop me from downloading signal from source, building it locally, and installing it on my and everyone i knows cell phones?
I find it interesting that the hn world is largely unified in beliefs about the trade-offs of exceptional access that aren’t necessarily true. Perhaps this is a cultural top-down tribal mentality borne of an adversarial arrangement between the billionaire oligarchs behind the startup scene and the government which serves to offer counterbalance against unchecked power.<p>I personally find it reprehensible that large trillion dollar tech corps wash their hands of responsibility for the safety of citizens by offering strong encryption to the masses.<p>I’m personally okay with secret police, but such things work better in secret. The calculus has indeed changed. Checks and balances within such secret societies do need to exist. I’m hopeful that tech geniuses will help to solve the problems regarding technical and social trade offs and risks behind exceptional access, instead of conforming to the often strict libertarian mentality of the sv community.
Conspiracy theory: The NSA hamfistedly contributed to various leaks in the same way the CIA gave guns to terrorists, i.e. by providing various groups with the tools they'd need to break into American companies.<p>Now they can capitalize on it - "see, tech companies can't be trusted with your data. Trust us instead."
I’ve posted plenty of times on HN about the danger of the government being overly involved in tech and the last thing you should want if you value your liberty is more government involvement.<p>I’ve also warned that giving government more power to “protect” people from big tech would come back to bite the very people who for some strange reason trust government.<p>Every time I’ve been downvoted to oblivion.<p>Now the chickens are coming home to roost.....