U.S. Secretary Of Homeland Security Warns About The Dangers Of Pervasive Encryption

U.S. Secretary Of Homeland Security Warns About The Dangers Of Pervasive Encryption

In a speech at cybersecurity conference RSA, U.S. Secretary of Homeland Security Jeh Johnson outlined the government’s discomfort with increasing implementation of encryption by technology companies, and what impact the shift might have on national security.

While tech firms like Apple are advancing encryption to an increasingly broad set of consumer activities, the government is concerned that it could increasingly be locked out from the communications, and the intentions, of threats to national security.

The issue of encryption, who should hold the controlling keys, and if American technology companies should be compelled to provide special access to consumer data to the United States government are issues as old as they are controversial. The common argument against any weakening of encryption is that there are no unexploitable weaknesses — if Google were to craft a back or front door for the U.S. government, it’s impossible to keep that same entryway free from other parties.

After asking for “indulgence” and “understanding,” the secretary said during his remarks that the “current course [the technology industry is on, toward deeper and deeper encryption in response to the demands of the marketplace, is one that presents real challenges for those in law enforcement and national security.”

In the secretary’s view, the nation’s “inability to access encrypted information poses public safety challenges.” Ignoring the mild irony behind that comment — why else would you choose to encrypt data? — the government employee continued: “In fact, encryption is making it harder for your government to find criminal activity and potential terrorist activity.”

Johnson concluded with a colorful description of privacy and freedom, calling them “the things that constitute our greatest homeland security.”

His remarks were very similar to President Barack Obama’s in an interview earlier this year with Re/code’s Kara Swisher. The president said that while he was more in favor of encryption than most in law enforcement, he also recognized the problems it posed for those agencies. Both Obama and Johnson spoke about the importance of privacy when facing tech-oriented audiences, but failed to take a strong stance in its defense.

The Homeland Security secretary weighs in on this issue as White House aides are investigating encryption and preparing to report back to the president this month. In a recent speech at Princeton University,NSA chief Michael Rogers argued law enforcement should have front door access with multiple locks. He argued government abuse of this access could be avoided by splitting multiple keys among separate agencies.

But Jeff Williams, the CTO of Contrast Security, tells TechCrunch that such an approach is impossible. He argued that it would be impossible for the government to create technology that would allow it front door access to all communications devices and splitting such a tool among agencies would be inefficient and ineffective. He also said a split key could still be thwarted by super-encryption.

“Frankly the cat is out of the bag on secure encryption,” Williams said.

Even with the upcoming report to the president, it is unlikely Obama will take any measurable stand for Americans’ privacy rights. The private sector and law enforcement have volleyed back and forth on this issue for decades, now reigniting the exact same debate we saw in the early 1990s over the Clipper Chip. We’ve seen the White House take very little action on limiting the scope of the American intelligence apparatus, even in the wake of high-profile leaks from Edward Snowden.

Why would it start now?

The private sector has to keep improving encryption, as customers — particularly those outside the United States — worry about surveillance. But as these companies work to keep threats out of these devices, we can be certain that our law enforcement agencies are working just as fast to break into them.

With little public scrutiny over this technical issue, politicians have little incentive to stand up for privacy. Even with high-profile remarks such as those from Johnson today, it’s likely we’ll continue to see more of the status quo.

Recommended

Top senator: Encryption bill may "do more harm than good"

Legislating encryption standards might “do more harm than good” in the fight against terrorism, Senate Homeland Security Committee Chairman Ron Johnson (R-Wis.) said on Thursday. In the wake of the terrorist attacks in Paris and San Bernardino, Calif., lawmakers have been debating whether to move a bill that would force U.S. companies to decrypt data ...

China Antiterror Law Doesn’t Require Encryption Code Handovers

BEIJING—China passed a new antiterrorism law that stepped back from previous language of concern to global technology firms, but which still raises questions about its scope and the potential impact on companies doing business there. The law, passed Sunday by China’s rubber-stamp parliament, also authorized the armed forces and paramilitary police to take part in ...

Iran blocks encrypted messaging apps amid nationwide protests

For the past six days, citizens have taken to the streets across Iran, protesting government oppression and the rising cost of goods. Video broadcasts from the country have shown increasingly intense clashes between protesters and riot police, with as many as 21 people estimated to have died since the protests began. But a complex fight ...

Bitcoin Exchange Has Been Forced to Close After Second Cyber-Attack

A South Korean Bitcoin exchange has been forced to close after suffering another major cyber-attack. Youbit claimed it was “very sorry” but has filed for bankruptcy after it suffered the cyber-attack, less than eight months after the first. In a statement in Korean on its homepage the firm said it had lost 17% of its ...

暂无评论

发表评论

您的电子邮件地址不会被公开,必填项已用*标注。

This site uses Akismet to reduce spam. Learn how your comment data is processed.