Every couple of\nyears, sometimes more often, some politician or law enforcement\nofficer brings up that encryption is preventing them from doing their\njob. Just recently reported in Arstechnica was such an article about\nthe US Attorney General William Barr.<\/p>\n\n\n
\u201cEncryption seriously degrades law enforcements ability to detect and prevent crime before it occurs.\u201d<\/a><\/p>\n\n\n It is true that when messages or data is encrypted it is difficult to impossible to decrypt depending on how well the encryption was done. I do have to agree that as a law professional it must be frustrating to be thwarted by locked phones, encrypted messages, mail or documents. In the \u201cgood old days\u201d you only needed to turn on the device to be able to browse through it looking for something incriminating. In retrospect that should probably be thought of the as the golden age of law enforcement starting with the creation of the personal computer and lasting up until about 2000. It is a subjective date but at the time the new kid on the block was the BlackBerry which was a cell phone with secure encryption. This was the first wake up call that information could be encrypted so that it could not be simply intercepted and examined. This allowed anti-government groups to both communicate in real time without the fear of that information getting out.<\/p>\n\n\n\n Over the years since then more and more security (ie encryption) technology has become main-stream. So simple in fact that you only need to know how to make a call or send a message and not be forced to use other intrusive methods to protect your message.<\/p>\n\n\n\n Prevention<\/p>\n\n\n\n The argument of Mr. Barr and all of these other well meaning people is that if this information was not encrypted it would allow law enforcement the ability to prevent bad things from happening. This is both a very admirable goal but quite lofty as well. The number of emails sent per day is 269 billion<\/a> while the number of text messages are 18 billion per day<\/a>. I am not sure what the US infrastructure would need to be in order to process this bulk of information, but it would be substantial. It is not the few computers needed to sift through the data but what happens to the threats that are found. If the goal was to prevent crimes then coordination between a group of potential bank robbers in rural Nebraska should be reported to the nearest authorities.<\/p>\n\n\n\n To be honest, I\ncannot see this level of access by the government being all that\nhelpful for local crimes. I would imagine that they would focus on\nFederal crimes such as threats to the nation\u2019s leaders or general\nTerrorism. Unless the terrorists are pretty stupid, they would not\nbe telegraphing their movements.<\/p>\n\n\n Poor<\/strong><\/p>\n We will all meet at the corner of 3rd street as planned on Tuesday 13 March at 5pm.<\/p>\n Average<\/strong><\/p>\n We are meeting on Tuesday at 5pm<\/p>\n Clever<\/strong><\/p>\n The plan is on, meet next Tuesday at the spot we agreed.<\/p>\n\n\n These exact messages are not so much help unless you have the context. These messages could be for some sort of terrorist plot or it could be meeting for a bachelor party. The context may be found in a single email but more than likely it would need to be gathered through many mails with other methods (ie humans interacting with bad guys). The emails, despite the massive volume, may not provide enough information.<\/p>\n\n\n\n Improve access or\nallow overreach<\/p>\n\n\n\n Allowing lawful access to encrypted information without prior approval or assistance of the party being surveilled would be really nice. The government has knowledge that you are purchasing very questionable materials and would like to take a peek into your communications to verify this. This request, if guarded by impartial people, on the ground of national security does seem reasonable. Nobody wants a bombing or a plane crash to occur if it can be prevented.<\/p>\n\n\n\n Yet there is always mission creep. If this ability to access emails were possible and the government decided that they would also use this power to tackle large scale fraud and corruption it would probably be viewed as good. It would not be long before some ambitious person decided that people cheating on their taxes would also be a good target for this as well. What about helping to prosecute spouses that do not pay their alimony or child support?<\/p>\n\n\n\n None of these are bad uses but what is the person who had this access was not impartial and had a chip on his or her shoulder. This would be a great way to do the same thing in a directed manner. Trying to dig up dirt on an ex-boyfriend. Getting hints on what your political opponent is doing and find ways to undermine them – part of the problem is that people are flawed.<\/p>\n\n\n\n Sometimes this\naccess to the data is referred to as a back door. Basically, a\nhidden way to monitor or access data in a given system. It seems to\nbe that it should really be referred to as the front door. To enable\nthis functionality, you are giving either a key for that particular\nuser or for all users of that particular system to the government. \nWould you trust that some government official, policeman or other\npolitical appointee had access to all your data? Would you trust\nthem to have the key to your house or apartment?<\/p>\n\n\n\n No encryption would provide effective access<\/p>\n\n\n\n Well, at least if this power would be given over it would be effective? It would be probably 98% effective or perhaps even more emails or social media accounts. The problem is the smartest \u201cbad people\u201d would be able to cover their tracks pretty effectively. <\/p>\n\n\n\n The ability for law\nenforcement to have access to the contents of a smart phone is not\nuseless but it is more useful for prosecuting people who have already\ndone bad things. Depending on the crime, the criminal is no longer\nalive to have justice meted out to him.<\/p>\n\n\n\n Presumably, just having access to the SIM card in the smart phone would allow the investigators a trail of people or phones that they can follow. This information would (currently) provides a digital footprint to where the phone went.<\/p>\n\n\n\n What could it hurt to provide this “back door”?<\/p>\n\n\n\n People are basically honest and hard working so we have little to fear. Many people have access to other types of high security materials. Well, that may be the case but people are also basically lazy and have a tendency to do the least possible work to get the most possible income.<\/p>\n\n\n\n Not only that but\nthis provides a very juicy target for people with bad intentions. \nLook at the problems that occurred due to incompetence, laziness or\nbad luck.<\/p>\n\n\n\n It is truely difficult to ensure that personal data is kept secure even with no back door as these companies can attest to.<\/p>\n\n\n\n The benefit of\nproviding such a \u201csecret back door\u201d is questionable while the\ndamage would be immeasurable if this access made its way into the\nwrong hands. This \u201cleak\u201d wouldn\u2019t have to be sabotage or ill\nwill, it could be carelessness by someone who had legitimate access.<\/p>\n\n\n\n After all, if the NSA cannot manage to keep their secret tools and methods secret what are the odds that a group that is controlled by politicians will fare any better?<\/p>\n","protected":false},"excerpt":{"rendered":" Every couple of years, sometimes more often, some politician or law enforcement officer brings up that encryption is preventing them from doing their job. Just recently reported in Arstechnica was such an article about the US Attorney General William Barr. … Continue reading