[Cryptography] Jim Baker explains encryption to us
agr at me.com
Fri Oct 25 09:46:20 EDT 2019
On 23 Oct 2019 16:27, John Levine wrote:
> In this longish piece in the Lawfare blog, former FBI counsel Jim
> Baker reiterates his take on the encrpytion debates. There's a certain
> amount that makes me want to bang my head against the wall, e.g.
> After working on the going dark problem for years, I'm confident
> that this problem can be addressed from a technical perspective. In
> most cases, it's just software, and software can be rewritten.
> But it's worth reading to remind us of what the other side is
> thinking, even with a lot of motivated reasoning that makes him
> conclude that Congress can pass some laws and the going dark
> problem will be solved. (Please do not write and explain why
> he's mistaken. We all know why.)
> https://www.lawfareblog.com/rethinking-encryption <https://www.lawfareblog.com/rethinking-encryption>
I think you need to read that blog more carefully. Mr. Baker is NOT reiterating his past positions on the encryption debate; he is coming darn close to changing sides. He now says that cybersecurity concerns are extremely grave and should be given higher priority and and that strong encryption is needed for that battle. The quote you cited is immediately followed by a but…
"But a solution that focuses solely on law enforcement’s concerns will have profound negative implications for the nation across many dimensions. I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace.”
The article spends a lot of time explaining the threat from China and that the inevitable market penetration by Huawei switching equipment means we will have to live with “zero-trust networks” and that strong encryption is essential to counter that threat. He also suggests that law enforcement concentrate more on exploiting metadata. He concludes:
"All that said, I still found it painful to write this piece, especially since I worked for so many years in the Justice Department and the FBI on the going dark problem without ever finding a viable solution. I have no choice but to admit that I failed in that regard.
But we all need to deal with reality. And in my experience, that’s what the people who have dedicated their lives to protecting all of us—such as the employees of the FBI—usually do best. How else do you stop the bad guys but by living in reality and aggressively taking the fight to them based on an accurate assessment of the facts? I am most certainly not advocating surrender, but public safety officials need to take a different approach to encryption as a way to more effectively thwart our adversaries, protect the American people and uphold the Constitution in light of the existential cybersecurity threat that society faces. If law enforcement doesn’t want to embrace encryption as I have suggested here, then it needs to find other ways to protect the nation from existential cyber threats because, so far, it has failed to do so effectively."
This is an important reconsideration of strong encryption by a previous opponent.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography