Quote of the day—Bruce Schneier

As computers continue to permeate every aspect of our lives, society, and critical infrastructure, it is much more important to ensure that they are secure from everybody — even at the cost of law-enforcement access — than it is to allow access at the cost of security. Barr is wrong, it kind of is like these systems are protecting nuclear launch codes.

Bruce Schneier
July 24, 2019
Attorney General William Barr on Encryption Policy
[Creating, or even allowing, a process by which the government can get access to all your communication and personal documents fails The Jews in the Attic Test.

“Nuclear launch codes” indeed!—Joe]

10 thoughts on “Quote of the day—Bruce Schneier

  1. RE: “nuclear launch codes.”

    There is no significant difference between actual nuclear launch codes and the software that operates our financial infrastructure; allowing either to be commandeered by miscreants will result in approximately the same number of deaths with the only difference being how long it takes to accumulate that number.

    That Barr & Co. take such a cavalier view of computer security is more than a little disturbing; it suggests either gross lack of understanding or nefarious purpose.

  2. Creating, or even allowing, a process by which the government can get access to all your communication and personal documents fails The Jews in the Attic Test.

    Best quote ever. The tapeworm in society was pretty great, but the above is better.

  3. Allowing anyone, the government or private tech, to have unfettered access to your communications is an outrage. For the government, this is a violation of the first amendment. For private tech there are no violations – they are free to do whatever they want with your communications so long as you agree to vague and coercive licenses.

    Unfortunately, we routinely give private tech full access to all our communications. With that kind of access is trivial to run classification algorithms to determine who you are. Aggregating the analysis across multiple platforms gives an even better analysis. This already gives the government access to the same communications should the companies agree to do so.

    We are already screwed and we don’t realize it. It will just get worse from here. The state can be dangerous because of the power of life and death. Private tech is just as dangerous, perhaps more, because they too have the power of life and death over you – they just don’t use messy lethal means.

    End to end encryption would be a good start, but ultimately fixing this will require more direct action.

  4. The government’s notion that it could mandate back doors — even ignoring the Constitutional issues involved — was exposed as a pipe dream about 40 years ago. Ever since PGP it has been obvious to anyone with a room temperature IQ that this can’t be done, and that wishing it or legislating it won’t make any difference.

    • How can you use encryption with social media?

      Private messages? How can you trust the recipient not to disclose the message?

      • I don’t really social media much, but I could see, for instance, needing a key to decode messages posted to a private Facebook group.

        For the other … that comes down to trust of the other person. Including both the person proper, and how well they maintain the security on the computer used to read the message (eg deliberate vs inadvertent release)

      • I suppose you could PGP-encrypt your message and post that on Facebook. That would be fun.
        My main answer is “I don’t use those things”, partly because I don’t feel like wasting my time and partly/mostly because I don’t trust the purveyors further than I can throw them.
        For confidential communication, PGP-encrypted email works great. I suppose another option would be encrypted IP voice calls (not Skype, that isn’t done properly), but I don’t use those. Silent Circle used to offer products for this

  5. “How can you use encryption with social media?

    Private messages? How can you trust the recipient not to disclose the message?”

    And this is Censorship and Social Management version 2.0 in action, and the driver behind much of the Left’s actions. Encryption is one thing, and serves one purpose well (assuming “good” encryption rather than “average” or “bad.”). Cletus and Joe-Bob can use 4096 bit encryption and – for the moment – rest easy that the messages exchanged are unavailable to others (I’m not on the inside, but word around the periphery is that 4096 is still sufficiently secure), but should Cletus mouth off in an unecrypted fashion about Joe-Bob’s commentary regarding Someone On The Approved List, or other “socially unacceptable thoughts,” the full weight of Lefty outrage, including media villification, will land on Joe-Bob.

    If solid encryption is the only way to avoid being destroyed by the Forces of Evil – and it looks like we’re headed that way at breakneck pace – we will have already lost functioning society, encryption or no.

  6. What the hell, Barr? Get your ass back to investigating the FISA courts and the Democrat misuse of such.

Comments are closed.