The Fight For Encryption

The Fight For Encryption

Privacy is for people. Transparency is for the state.

It is hard to watch the world burn, especially when the fire is invisible. Freedom and liberty. They seem like such distant ideas in our dystopian life. We’ve forgotten the meaning of these words. We think freedom and liberty are directly related to privacy, and we think privacy is dead. Where does this leave us? A society in acceptance of governmental rule perhaps? How free we are when we’re obligated to pay rent, work for food, and are shaken awake by an alarm most days. We are free to accept privacy is dead.

Long ago, government worked for citizens. Democracy existed. Senators and representatives represented people. Government transparency was a core value. Accountability for actions. Privacy for the people. Transparency for the state.

No more. The opposite is now true. Together online we joke about ‘being on a list,’ as if there is nothing we can do, and privacy is already dead. Meanwhile multi-lateral trade agreements are negotiated and decided, draped in secrecy, agreements that change the way we will live. Change the quality and production of what we buy. They will change the price of life saving medication and change the additives in our food. In a free society, changing the way we live should be decided together. It should be decided by vote. It should be democratic. It simply isn’t any more.

Encryption has been battled by the State for a long time. A staggeringly long time. In the 1990’s the Clinton administration attempted to enforce a physical backdoor in all PC’s through a device dubbed the Clipper Chip. Invented by the NSA (who else did you think, really), the chip received a hugely negative response from both the tech community, who understood and exploited the chip quickly, and the public, who at the time realised the Bill went too far. The most important part was this: by chipping all PC’s to bypass security the PC becomes venerable, potentially devastating the tech industry.

Sound familiar?

We are walking almost the exact path. But this time it is hard to say whether we will get out the other end the same. Our rights are under attack.

In the past week Reuters published a piece on a leaked Senate bill that would require all technology companies in the US to effectively add a backdoor into their security measures. The State could then use this backdoor in their investigations. The obvious and inherent problem stares us in the face like a train speeding towards us in a ball of sound, wind and light: adding a backdoor, a security bypass, will make these products unsafe. Engineers will find a way to exploit this security weakness, as they always do, and then the ‘security’ measures will be as useful as you think your bike chain lock is. But when someone has a bolt cutter, all bets are off.

The timing of this bill is apt as always. The FBI recently announced to the world that they don’t actually need Apple to hand over the source code or create an encryption key to access the San Bernardino shooter’s phone. They could do it all along. Of course they could. How naïve do they think we really are? It is their attack on the judicial branch throughout this case that should upset us most: they could always physically break the encryption on the phone, but they wanted to create a legal precedent to be able to openly do it in the future. They wanted to create a path to legally do it in every case.

Fortunately their ultimate goal from this case is not yet achieved. They do not have an Apple-produced backdoor into every iPhone on Earth. But in the process they have played a hand they have been keeping close to their chest for who knows how long: the world now knows that the FBI, and by extension anyone with resources and time, can break the encryption on an iPhone.

This case could have easily walked a different path. If Apple didn’t actually stand up for something worthwhile a dangerous precedent would have be set: backdoors would have become mandatory. Silicon Valley would rot. International business would halt. Samsung would see sales up, but internally they would be bracing for their own battle. With such a dangerous condition imposed on US-based tech companies they would know their share of the lucrative US market would be numbered. The day would eventually come where it would be, by law, a condition of import into the US that all phones must come with a backdoor, under the guise, as always, of National Security.

Encryption is such an essential part of our digital lives. We need it to access our online banking, connect securely in public wifi spots, and set up multi sites for business. Yet in Australia, we are not even allowed to learn about it.

Last year the Australian Government quietly passed a bill called the Defense Trade Control Act, where deep within it is a list on goods specific to National Defense, the Defense and Strategic Goods List (DSGL). On it, the DSGL extends far beyond what we might deem reasonable. Telecommunication devices, electronics, almost anything which may have a form of intelligence interest is banned.

Including cryptography.

This is pants-shitting stuff. In Australia, punishable under the law, you and I are not allowed to “supply” encryption technology. Not allowed to distribute things like the Tor project. Not allowed to learn about, or work on encryption. No Australian business, without approval from the Australian government, can produce encryption devices or software.

There is no happy ending. There is no witty remark. There is no humour. Please learn and read about encryption. If you have an Android phone, you can encrypt your entire device in the settings. If you have an Apple product, well, I don’t know what to tell you. Your iPhone has access to your entire life, and if somebody, somewhere, wants access to that information, unfortunately, they can get it. If your landlord kept a key to your place hanging from a hook on your front door in a box behind some thin glass, just in case law enforcement needed access, I guarantee you’d find somewhere else to live, and I guarantee you someone who wants access to your place will find a way to break that thin glass and get the key. Hammers exist. Just as hackers exist. I myself prefer holding onto my house key. And so should you.

Header image: wk1003mike via Shutterstock.