"If you use encryption, you help the terrorists win"

Jurgen Botz jurgen at botz.org
Sun Oct 26 12:57:29 PST 2003 

Tyler Durden wrote:
> Tim May wrote...
> "I predict we'll soon be seeing a new thought control campaign with this 
> theme, that "if you use encryption, you help the terrorists win.""
> 
> Well, I'm dubious. Right now I'm thinking their strategy has been to 
> pull encryption down off of the social radar, and that's worked better

I agree with this... and add the following...

For the last decade or so many of the "bad guys" (by whoever's
definition you want) have actually been using crypto, even if
the general public has not.  I think that by now the TLAs have
learned that this works in their favor on both counts...

1) The general public doesn't really use crypto... partly because
it's "off the social radar", partly because it's just too difficult,
etc., etc.  As a result the TLAs can employ the kind of Orwellian
mass surveilance they would like and get useful information out of
it.

2) The bad guys use crypto they know to be strong enough to stop
brute force attacks even by "major governments".  This does two
things... it makes them stick out in mass surveilance, and it makes
them put all their eggs in one basket (the encrypted one).  The
TLAs of course have many options other than brute force attack
on the crypto itself... key theft, tempest, rubber hose, everyone
here knows all the methods.  The TLAs may have to make a little
more effort, but the payoff is more likley to be very good.

Wasn't there a Mafioso who got busted and convicted based on
evidence that had been PGP encrypted and where they stole the
key with a keyboard dongle?  I'm sure that wasn't an exception;
the TLAs have adapted to the technology and found that it doesn't
/really/ make things harder for them... maybe it makes it easier
because the bad guys feel more secure.

So I think that they've learned that they really get the best of
both worlds with the status quo, and I don't see any indication
that they are about to rock this particular boat.  This may change
if the public infrastructure starts using more crypto by default
and people use better key management (smart cards?) but I don't
think that's really all that likely... at least at the moment
there doesn't seem to be any good momentum in that direction.

:j

More information about the cypherpunks-legacy mailing list