Full Disclosure, I'm a co-author on the MIT paper that this article cites.<p>The posted article is talking about the following two op-eds by WaPo[1,2]. What's interesting here is that in [2] they call for a national academies study on the issue, the logic being that the state of encryption has changed. The academies have studied exceptional access in the past, and generally thought it was a terrible idea [3].<p>I'm personally not opposed to a new study, but the point of the paper we wrote was to argue that it's an even _worse_ idea than the last time exceptional access was considered. I'd be shocked if the academies changed their minds.<p>[1]<a href="https://www.washingtonpost.com/opinions/putting-the-digital-keys-to-unlock-data-out-of-reach-of-authorities/2015/07/18/d6aa7970-2beb-11e5-a250-42bd812efc09_story.html" rel="nofollow">https://www.washingtonpost.com/opinions/putting-the-digital-...</a>
[2]<a href="https://www.washingtonpost.com/opinions/compromise-needed-on-smartphone-encryption/2014/10/03/96680bf8-4a77-11e4-891d-713f052086a0_story.html" rel="nofollow">https://www.washingtonpost.com/opinions/compromise-needed-on...</a>
[3]<a href="http://www.nap.edu/catalog/5131/cryptographys-role-in-securing-the-information-society" rel="nofollow">http://www.nap.edu/catalog/5131/cryptographys-role-in-securi...</a>
> If you don’t understand how technology works — especially a technical subgenre as complex and dense as encryption and information security — then don’t write about it.<p>This is certainly one message to draw from the situation. But it's not the most constructive message -- it puts the burden on non-technical people, telling them what not to do. Even if non-technical people realize that there are scientific limits to technologies, that won't stop them from thinking about and writing on technology incorrectly.<p>I think the burden should fall on us techies -- I think there is something constructive we can do. I think we should strive to educate others on the roles and limits of technology. Even if we can't teach everyone the math, physics, electrical engineering, programming, and software engineering they would need to truly understand technology, we can explain the limitations of something like encryption with our blog posts, social media, and every day conversations.
I've been watching season 1 of "The Blacklist" in the background while working over the weekend. Aside from being yet more terror porn, one of the interesting subplots had a rogue unit surveilling the FBI. The implication was clear: these bad guys are so cool and awesome that they can run their own surveillance! Against us!<p>But really, not so much. If you really wanted to gather a whole bunch of secret data on what the government was doing? You wouldn't need to set up cameras and monitor everything. You wouldn't need some super-cool intercept site located in Virginia. <i>The government has already done that for you</i>. All you need to do is break in and scoop up data like every other subscriber is doing -- just like what happened with the recent breech at OPM. (Which, being the biggest heist in American intelligence history, is amazingly under-reported)<p>As this article points out, people seem to lose sight of the fact that by putting all of our eggs in one basket, we just make it easier for somebody to rob us of all of our eggs. Backdoors are a horrible idea. I agree with the author here that the reasoning displayed on these editorial pages is "breaktakingly stupid"<p>Aside from the fact that the security state is destroying the republic, there are some seriously ignorant people making broad decisions about a lot of things they should just stay away from.
(My wife was in the DC press corp for years covering Congress, serving in the White House Press Pool, and the Pentagon at various times.)<p>Unfortunately, the vast majority of the press has little understanding and even less background in the topics they cover. The article they write on Wednesday, they may have learned about on Tuesday, after being assigned it on Monday. This is why so many groups can get away with handling them something that is just slightly less promotional than a press release and get away with it. Combine that with tight publication schedules and the sheer amount that they have to publish (though mostly bloggers, less general journalists) and it's a recipe for disaster.<p>While my wife was still active in that space, I briefed her colleagues on technical matters regularly. I felt like I was helping educate at scale but at some point I realized that too many just didn't care. They wanted the "10 second sound bite" and move onto the next topic.<p>Note: If the reporter has a strong background in a subject - technology, medicine, etc - they become the exception rather than the rule as most of them can make more money as consultants than beat reporters. They are often subtly promoting their own books and lectures too.
Is there a term for the phenomenon where whenever the press covers a subject you are knowledgeable on, you can see clearly their reporting is terrible -- so inductively they are always reporting terribly?
TechCrunch is one to talk. Their writing might be more knowledgeable but is still characterized by magical thinking on tech when it comes to Big Names and Buzzwords.<p>The WaPo editorial board has taken a stance which large businesses that specialize in high tech products have already publicly opposed. In this particular disagreement, the technologists' position supports that of Valley firms, so TC can namecheck Diffie, Rivest and Schneier to argue their case.<p>Wake me up when TechCrunch starts echoing Schneier about the surveillance economy fueling the internet.
I can sympathize with the Washington Post.<p>There are two common uses for the word "impossible" that are relevant here. Solving the halting problem is impossible in the absolute sense. We have a proof.<p>But think about the (mind-blowing) discovery of asymmetric encryption. Before that, many things would have reasonably described using the word "impossible" in the sense of "nobody has any idea how to do that."<p>Do we have a proof that "golden key" thing is impossible in an absolute sense? If so, then it needs to be explained to non-technical people in a way that conveys that. If it's just that nobody knows how, then it's not actually impossible.<p>I think maybe people are interpreting the article as saying "if Google and Apple wanted to, they could do it this year" and of course that's incorrect. But I read it as them just lamenting that nobody even seems to be trying.<p>And I think their read on the lack of motivation is accurate. The people saying it's a bad idea from a technological perspective probably also think it's bad policy -- they wouldn't trust the government with a golden key even if it were possible.<p>So all the Washington Post can do is try and convince people that it's good policy. And it's fine to disagree with that, but it's unfair to call them stupid for thinking that there could possibly be a solution to the problem.
You don't really have to have a deep understanding of the technology to understand that there can't be such a thing as a technology that can only be used by law enforcement personnel performing their legitimate function.
Perhaps it would be a better tack to explain to the Washington Post that, yes, technology is magic. However the kind of magic that has been used here is to wedge open Pandora's Box and pipe the output into the global economy, so unfortunately it doesn't respond reliably to demands.