TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Hein Engelbrecht to lead Mustek as its new CEO

      1 July 2022

      Alviva shares leap higher on R3-billion take-private offer

      30 June 2022

      Datatec to sell Analysys Mason for as much as R4.1-billion

      30 June 2022

      Futuregrowth launches start-up fund, targets R600-million raise

      30 June 2022

      Eskom is killing the rand

      30 June 2022
    • World

      Meta girds for ‘fierce’ headwinds

      1 July 2022

      Graphics card prices plummet as crypto demand dries up

      30 June 2022

      Bitcoin just had its worst quarter in a decade

      30 June 2022

      Samsung beats TSMC to 3nm chip production

      30 June 2022

      Napster plots crypto comeback

      29 June 2022
    • In-depth

      The NFT party is over

      30 June 2022

      The great crypto crash: the fallout, and what happens next

      22 June 2022

      Goodbye, Internet Explorer – you really won’t be missed

      19 June 2022

      Oracle’s database dominance threatened by rise of cloud-first rivals

      13 June 2022

      Everything Apple announced at WWDC – in less than 500 words

      7 June 2022
    • Podcasts

      How your organisation can triage its information security risk

      22 June 2022

      Everything PC S01E06 – ‘Apple Silicon’

      15 June 2022

      The youth might just save us

      15 June 2022

      Everything PC S01E05 – ‘Nvidia: The Green Goblin’

      8 June 2022

      Everything PC S01E04 – ‘The story of Intel – part 2’

      1 June 2022
    • Opinion

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Editor's pick»Why undermining encryption is an awful idea

    Why undermining encryption is an awful idea

    Editor's pick By The Conversation14 January 2016
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    encryption-640

    Western governments, notably the UK and the US, are pushing the software industry to open “backdoors” into our encrypted communications.

    The argument touted by government agencies for nearly 20 years is that terrorists use strong encryption to hide their communications, therefore we should ban strong encryption.

    British Prime Minister David Cameron has been outspoken in his desire for a such a ban.

    And last week, US President Barak Obama’s chief of staff and a team of national security officials flew to Silicon Valley to meet with top technology companies Twitter, Microsoft, YouTube, Facebook, LinkedIn, Apple and Dropbox. It’s likely they discussed collaboration between the Silicon Valley and the US intelligence and law enforcement on “back-dooring” encryption.

    In response to this push to undermine encryption, an open letter to governments, called “Secure The Internet”, was published this week. It is signed by more than 170 companies, organisations and individuals from around the world, including leading data security researchers.

    The letter calls for all governments to reject back-dooring or the weakening of encryption products.

    Encryption is used by most of us every day, typically with no conscious effort. If you log into your e-mail or bank site with an address starting “https://”, then you are using encryption.

    It seems likely governments around the world are trying to either woo or cajole the tech industry and security researchers to “break” the software they build by installing backdoors or other holes for the government to access our communications effortlessly.

    The problem with installing backdoors is that bad actors — organised crime, fraudsters, hostile foreign governments and the like — may also focus their attention on these security holes. Any universal “passkey” built into such a system would be immensely valuable, and worth spending enormous resources to capture, thus making those who had them significant targets for espionage.

    The push to emasculate the strong encryption we use every day is akin to the government telling every citizen we can’t lock our front door, or maybe we can only use a weak little latch. It’s like requiring everyone to send our passwords to a central government office.

    The aim should be to improve security on the Internet, not to break it. Governments colluding to break Internet security introduce the risk of breaking our evolving digital economy as well by undermining trust in businesses and banks. Imagine logging into your online banking or your insurance company, and not knowing if the encryption was secure.

    The argument that terrorists might use encryption so we should ban it is without nuance and probably even effect. Terrorists might also use steak knives to commit crimes, but we don’t make steak knives illegal. Steak knives have other useful purposes in society. And, like strong encryption, these benefits greatly outweigh the very small risks.

    Will it even work?
    The Secure the Internet letter references the research paper authored by a who’s who of the world’s top computer security researchers.

    The paper highlights the numerous problems with implementing such policies in practice. Many of these researchers were around when the first major push came from government to impose weakened encryption on the masses in the form of Clipper Chip in 1997.

    They concluded “the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago”. Such schemes kill innovation. Indeed, the authors query whether Facebook and Twitter would even exist today if the previous scheme had been imposed.

    Security agencies have a cornucopia of powers and resources to chase terrorists. At some point, that chase has to be about the mundane gumshoe work of gathering intelligence from human contacts, not just about sitting at a desk of computers scanning communications.

    Realistically, back-dooring strong encryption software, which is what is being floated here, will not stop terrorists. They will simply find and use other channels, including secure software distributed via other countries that do not have such restrictive laws.

    The desire to break the computer security of an entire population also hints at the more insidious aim of governments trawling all of our private communications.

    With Edward Snowden’s revelations about exactly this, it is important to view this recent push to destroy the innocent citizen’s right to use encryption securely through this lens.

    The contradiction of this push is that governments are trying to force our communications to be less secure while claiming to make us more secure.

    If we want to retain our freedoms, we will also need to take some responsibility by changing our own mind-sets. We as citizens need to accept that there is some risk in an uncertain world. We cannot expect law enforcement nor intelligence agencies to provide 100% guarantees; it is both unrealistic and unreasonable.

    The urge to “do something” after terrible attacks like those in Paris, should be spent fixing the underlying causes of terrorism, not creating legislative overreach designed to grab tomorrow’s headline.

    Keeping the keys to our own house requires a balanced approach in all things.The Conversation

    • Suelette Dreyfus is research fellow, department of computing and information systems, University of Melbourne
    • This article was originally published on The Conversation
    Apple Barack Obama David Cameron Dropbox Edward Snowden Facebook LinkedIn Microsoft Suelette Dreyfus Twitter YouTube
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleShowMax, MWeb in ‘free’ ADSL deal
    Next Article Start-up Fincheck wants to improve your finances

    Related Posts

    Meta girds for ‘fierce’ headwinds

    1 July 2022

    The NFT party is over

    30 June 2022

    Samsung beats TSMC to 3nm chip production

    30 June 2022
    Add A Comment

    Comments are closed.

    Promoted

    Billetterie simplifies interactions between law firms and clients

    30 June 2022

    Think herding cats is tricky? Try herding a cloud

    29 June 2022

    How your business can help hybrid workers effectively

    28 June 2022
    Opinion

    Has South Africa’s advertising industry lost its way?

    21 June 2022

    Rob Lith: What Icasa’s spectrum auction means for SA companies

    13 June 2022

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.