In a recent piece, American Enterprise Institute opinion-shaper Claude Barfield (“Encryption: the next battle between security and privacy”) wrote of the demands that spy agencies are making on tech companies to provide back-doors and weakened encryption.
Barfield poses the issue as a “conflict” between tech companies and government – not as one more violation of the 4th Amendment, which provides for “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures” – and not as something that an ordinary citizen might have an opinion about.
While Apple and Google are actually stepping-up their use of encryption, Barfield writes that FBI directory James Comey’s is demanding neutered encryption. Barfield repeats Assistant FBI director Michael Steinbach’s unproven assertion that terrorist groups are “going dark” with all this great, new encryption.
First of all, some facts.
Terrorist groups did not suddenly discover encryption after Edward Snowden spilled the beans on blanket surveillance of U.S. citizens. Long before ISIS, Al Qaeda often used couriers instead of cell phones and internet chatter. When Osama bin Laden was finally discovered, he was totally off the grid, as had been his practice for over a decade.
Jihadists understand technology – and its weaknesses – quite well.
9/11 mastermind Mohamed Atta was an architectural engineer. Khalid Sheikh Mohamed had a degree in mechanical engineering. Two of the three founders of Lashkar-e-Taibi, the group behind the Mumbai attacks, were professors at the University of Engineering and Technology in Lahore. Two thirds of the 25 9/11 hijackers were engineers.
One study by sociologists Diego Gambetta and Steffen Hertog in the UK, which looked at 400 jihadists, found that an astounding sixty percent of Western-born jihadists have engineering backgrounds.
If you can build a bridge or fly a jet into the Pentagon, using encryption is a piece of cake.
Flashpoint Partners, an intelligence firm concentrating on Middle East terrorism, reported recently that “there is very little open source information […] that Snowden’s leaks served as the impetus for the development of more secure digital communications and/or encryption by Al-Qaida.”
In fact, jihadists were developing their own encryption software almost a decade ago – long before Snowden’s revelations in 2013.
“Asrar al-Mujahideen,” a PGP-like program launched in 2007, uses both public and private keys to securely send files and messages.
An October 2010 article in Al-Qaida in the Arabian Peninsula”s (AQAP) English language magazine”Inspire” cautioned readers to use encryption.
And on February 7, 2013, right before the Snowden story broke, a new encryption tool, “Asrar al-Dardashah,” was developed, which allowed secure communications to be sent over Google Chat, Yahoo and other messaging services.
But aside from spy agency fear-mongering and lies there is a better reason to reject back-doors in OUR computer products.
The recent Chinese attack on US government computers, which compromised four million federal employees’ personal information, is precisely why weakened security should NOT be baked into the security cake. If a sophisticated and determined nation-state can attack computer security, why design it with vulnerabilities?
This was published in the Standard Times on June 11, 2015
http://www.southcoasttoday.com/article/20150611/opinion/150619892
Comments are closed.