Politicians have fractured views on encryption

villain toy story gun
Credit: flickr/kennymatic

After the tragic events in Paris in November 2015 we have seen an ever growing chorus of politicians that have been tub thumping for a chance to outlaw encryption. As I've discussed previously I find this patently odd. The politicians are wearing away on the same tired story that terrorists use encryption. 

OK, let's remove the Paris equation from the table for a moment. They want to outlaw encryption that they cannot compromise. 

From Business Insider:

US senator John McCain has indicated that he will push to outlaw encryption technology that the US government is unable to crack.

On Tuesday, he told reporters that "in the Senate Armed Services [Committee], we’re going to have hearings on it and we’re going to have legislation," according to The Hill, labeling the current state of affairs "unacceptable."

The part of this that is amusing is that most of the encryption technologies that they are concerned about are both open source and not US based in origin. In the fall out from NSA secrets being leaked to the press and various surveillance organizations having their dirty laundry exposed for the world to see there was a move to have better encryption. This caused various organizations some level of concern. Now we find ourselves at a point in time where there is a concerted movement to backdoor or ban encryption products.

The irony is overwhelming when you consider that these same politicians that rail against the use of encryption and attempt to demonize it use encryption themselves. Let's pick on Senator John McCain, Hillary Clinton and Donald Trump for a moment. When I ran all of their websites against the website SSLLabs.com I was rather amused to find that all of their websites had good website encryption in use. The McCain website scored an "A", Clinton scored an "A+" and even the website for Trump even managed to score an "A" rating. 

This is odd bit if a quandary. We have an example such as Clinton who apparently saw fit to have no encryption on email who then asks companies in Silicon Valley to weaken encryption to "stop helping terrorists"

From The Register:

"We should take the concerns of law enforcement and counterterrorism professionals seriously. They have warned that impenetrable encryption may prevent them from accessing terrorist communications and preventing a future attack. On the other hand, we know there are legitimate concerns about government intrusion, network security, and creating new vulnerabilities that bad actors can and would exploit."

Um...that whole 'trust us we're from the government' platform pretty much sailed and sunk after the Snowden revelations came to light. Most of the technology that law enforcement in the US is worried about isn't developed there. Any laws to backdoor encryption in the US, UK or other countries would hurt their own citizens. I would have a little more belief in the political talking heads if the very same encryption that they want to backdoor or ban wasn't also being funded by the government.

It is not lost on me that the attackers who carried out the atrocity in Paris knew each other and communicated with SMS. Encryption (as far as I have read) had no part in the attack. Banning or hobbling encryption would have had no impact on their attack.

The bad guys are not going to care if what they use is outlawed. That's why they're the bad guys.

Cybersecurity market research: Top 15 statistics for 2017