FBI Director, James Comey has requested that Congress create mandates on tech companies to essentially create a backdoor or weakened encryption of its products to make it easier for law enforcement to read our communications and data.
Here is an EXCELLENT video from the Cato Institute discussing what a terrible idea this is…
First, I encourage you to watch the video. It is only 7 minutes long and they make some excellent points on the issue. I will add some points from my perspective.
As a tech guy that does related activities daily the concept of creating a “back door” or “master key” that only the company can have access to and happily hand over to law enforcement or spy agencies upon request is really ill informed of exactly how encryption even works. ANY vulnerabilities, intentional or not can be exploited by others just as easily as it can be handed over by said companies to the FBI upon request.
Mr. Comey’s remarks about how he is not a tech person and thinks there are a lot of “smart people” in the tech sector that should be able to find a way to “work this out” is one of the most ignorant comments uttered in this debate.
It is ignorant comments like these that have created the millions of pages of regulations faced by American businesses today. Morons in Congress at the behest of special interest groups, like the FBI, in this case make some vague demand to make their job easier and Congress simply passes a mandate! Presto, just like that the problem is solved, yeah! Another problem solved by Congress, what’s next?
Only its not. First, what if encryption software is open source and someone from another country takes this and removes the vulnerabilities and then starts using it for terrorist communications? This would not be an American company or even an American citizen. They would not be subject to the mandate in our country and I guarantee wouldn’t follow it.
What keeps entrepreneurs in other countries from deciding to fill the gap in the market for “back door” free encryption and they sell it overseas from a non U.S. base of operations? The bad guys can still get their hands on it.
Creating deliberately weak encryption technology to make law enforcement’s job easier and simply mandating that this happen is one of the dumbest ideas ever uttered by a politician. Here is a basic truth, sometimes your job is hard.
We should not always be trying to find ways to make law enforcement’s job easier at the cost of our civil liberties and protection of our private communications.
Technologically there is no way to do this without creating vulnerabilities that skilled bad guys all over the world, i.e. China, Russia, etc can exploit to our disadvantage. Your mandate will be ignored by others around the world who will simply create the in demand software that you have barred U.S. companies from creating. Such a move might remove one of our key attributes as a innovative nation in the tech sector at risk.
The terrorist and other bad guys will simply know that there is a back door to the U.S. created stuff and will quickly adapt and go use stronger stuff created by someone else and will continue to do bad stuff. What are you going to do, mandate that all terrorists must use weakened U.S. software?
What you are seeing unfold here is morons that don’t know anything about technology telling those that do to build an inferior product and simply saying things like “there are a lot of smart people that should be able to figure this out” clearly shows you are not one of them. The FBI’s solution won’t solve the problem at hand, but will create many others.