[Cryptography] Anti-clipper team re-assembles

[alan at clueserver.org]

> Well, as long as they waste your time in explaining to everyone that
> government should get out of encryption, instead of you patching problems,
> I think it will make them happy.

The problem is trust.

After the NIST/NSA exposures, the feds have demonstrated that they are not
to be trusted to build secure systems for anyone but themselves. (And I
have doubts that they can do that either.)

The politicians are engaging in a massive amount of magical thinking
involving security. The idea that they can demand a feature and it will
only work as they imagine it is folly. (I have seen a few Cypherpunks make
the same mistake. One specific example comes to mind.) A big part of the
problem is one of management. Managers are taught that you don't have to
understand the things that you manage. This means that they are unable to
understand just what these things are used for in the modern world. They
think of cryptography as something only used by spys and terrorists, not
everyone who uses any sort modern technology. (I worked for an insurance
company that used PGP/GPG to deliver financial data to customers. Are they
going to backdoor those transactions?)

To enable the policy that the FBI is demanding would be like a demand to
replace every lock everywhere with one that the feds could easily pick.
The cost would be incredible and the logistics would be impossible. How
would they know if they got them all? How would you test that? What about
all those people who know how to make untampered with locks? Would
locksmithing suddenly become a crime?

The "Do as I say and don't ask embarrassing questions" mentality is a
problem in any authoritarian system. And it seems to be getting worse
here.