Comments On Cathy Young's Defeatist Compromising
Mike Alissi
malissi at reason.com
Tue Oct 16 11:13:59 PDT 2001
Commentary From Reason Magazine
Dear Matt - I wanted to be sure you've seen Jacob Sullum's latest column at
Reason Online: <http://www.reason.com/sullum/101601.html>
It's copied below.
Thanks,
Mike
October 16, 2001
Fear of Prying
By Jacob Sullum
I first downloaded Pretty Good Privacy a couple of years ago, at the
request of an interview subject. He was nervous about discussing his
drug use through unprotected e-mail, and my willingness to use PGP
reassured him not only that he would be safe from eavesdroppers but
that he could trust me to take his privacy concerns seriously.
It was a small illustration of encryption's power, but it brought
home to me what a godsend this kind of readily available, easily used
software must be to dissidents who risk prison by sharing
unauthorized information or expressing forbidden opinions. Phil
Zimmermann had such people in mind when he created PGP a decade ago
and risked prison by posting it online.
At the time, the U.S. government considered strong encryption
software a "munition," and by making it available to human rights
activists around the world Zimmermann was arguably violating a
federal ban on the export of such weapons. Some politicians are
trying to revive this sinister view of encryption in the wake of last
month's terrorist attacks.
In a floor speech a week after hijacked airplanes collided with the
Pentagon and the World Trade Center, Sen. Judd Gregg (R-N.H.) worried
aloud about "somebody out there using encryption technology for the
purposes of pursuing a terrorist act in the United States." He
declared, "There is no excuse for anybody to be underwriting that
type of activity in our country."
To prevent terrorists from shielding their communications, Gregg
wants to make all producers of encryption systems design their
products so the government can read the messages they generate. The
surveillance would be "judicially controlled" to make sure it "simply
gets at the bad guys."
Gregg's opposition to strong encryption is echoed in some surprising
quarters. Boston Globe columnist Cathy Young, a colleague of mine at
Reason magazine, has confessed that "the idea of people being able to
encrypt electronic communications so that they are beyond
surveillance" has always seemed "scary" to her, "precisely because of
the threat of terrorism."
This is like saying that computers or telephones or airplanes or box
cutters are scary. Any technology can be used for good or ill. The
question is whether the potential for evil justifies restrictions on
legitimate uses.
As more than one critic has pointed out, the arguments against strong
encryption could also be used against strong locks, since criminals
tend to hatch their plans behind closed doors. That doesn't mean all
of us should make extra sets of house keys for the police in case
they need to search our homes.
We have been down this road before with various proposals during the
1990s for "key recovery" arrangements through which the authorities
could break otherwise unbreakable codes.
Now as then, the most decisive argument against encryption controls
is that they wouldn't work because PGP-like software is already
available from a variety of sources.
Does Sen. Gregg plan to come to my house and erase my copy of PGP? If
not, how can he possibly hope to stop terrorists, who are much more
highly motivated than I am to shield their communications, from
obtaining and using such software?
The attempt to do so would weaken security rather than enhancing it.
A 1998 report from a panel of distinguished cryptographers and
computer scientists concluded that "there are compelling reasons to
believe that, given the state of the art in cryptology and secure
systems engineering, government-access key recovery is not compatible
with large scale, economical, secure cryptographic systems." A member
of the panel, Matt Blaze, recently told The Washington Post, "I am
extremely doubtful that this could be done without weakening computer
systems, and the costs would be absolutely staggering."
In addition to the bugs introduced by added complexity, keeping extra
copies of the keys used to decode messages would create tempting
targets for thieves. The keys could also be compromised by
incompetent or corrupt officials charged with protecting them.
Misuse of official records is not exactly unheard of in this country,
and the problem would be magnified if every unsavory regime that has
enlisted in the war on terrorism were to be trusted with the keys to
its citizens' e-mail. For the dissidents Phil Zimmermann is rightly
proud of helping, the whole point of encryption is to guard against
official surveillance. If Gregg's vision were ever realized, they
would once again have to watch what they say.
) Copyright 2001 by Creators Syndicate Inc.
Jacob Sullum's weekly column is distributed by Creators Syndicate. If
you'd like to see it in your local newspaper, write or call the
editorial page editor.
**************************************************************************
Subscribe to Freematt's Alerts: Pro-Individual Rights Issues
Send a blank message to: freematt at coil.com with the words subscribe FA
on the subject line. List is private and moderated (7-30 messages per week)
Matthew Gaylor, (614) 313-5722 ICQ: 106212065 Archived at
http://groups.yahoo.com/group/fa/
**************************************************************************
More information about the Testlist
mailing list