Obama’s government wants to be able to monitor all Internet communication and it is ready and willing to mandate that all encryption software, including peer-to-peer apps, have a backdoor so that the government can decrypt the traffic.
The New York Times reported this morning on a Federal government plan to put government-mandated back doors in all communications systems, including all encryption software. The Times said the Obama administration is drafting a law that would impose a new “mandate” that all communications services be “able to intercept and unscramble encrypted messages” — including ordering “[d]evelopers of software that enables peer-to-peer communication [to] redesign their service to allow interception”.
And we all know that no one but the government will be able to use the backdoor. I mean, it’s not like there are groups of people working to break the security systems of public and private networks. The fact is, any weakness in a security protocol will eventually be exploited. It just a matter of time. Heck, even my most tech illiterate wife recognizes that fact.
Let’s just look at the technical problems of this before we get into the even nastier legal issues. First of all, from my sarcastic rant above, there is no way any cryptographic backdoor will remain in the sole possession of the government. There are too many skilled hackers and crackers out there for such a hole to remain secret for long; especially when they know the hole is there.
Take a minute and think about all the times you use encryption during the day. You use it when you log in to most web sites. You use it when you purchase products over the Internet. Corporate users will almost certainly use encryption when they send or receive email. Like most systems administrators, I use it to securely log into the servers I maintain so that I can manage those systems.
What happens if someone breaks any of those things? Think your Facebook or Twitter credentials are unimportant? A second worm has hit Twitter this week. Worms and other malware can not only steal your private information, compromised machines are often used to launch attacks against other systems or provide hosting for pornography, including child porn, and additional malware. If your Facebook account gets hacked, all of your friends are at risk of being compromised. Then, of course, there’s useless information like your bank and credit card numbers.
All of that information is vulnerable the minute you introduce a designed weakness into the encryption system.
Then there’s the nasty civil rights issues. What does it do to a person’s right to free speech when they know that any communication they can be read by the government … or their ex-girlfriend. Encryption is just one tool that can be used to defend our Liberty and the Obama administration wants to take that away from us.
This isn’t the first time either. I remember the case of Phil Zimmermann and his app Pretty Good Privacy. The government tried to shut him down and eventually dropped all charges. These days, PGP and the various open source implementations of the PGP encryption standard have become the de facto tool to encrypt email messages. There are even simple to use plugins, such as Enigmail, for email apps like Thunderbird.
Call your Congressmen and the President’s office and tell them that their encroachment on our rights must stop.
(Originally posted at PerlStalker’s Ramblings.)