Terrorism is scary – it is horrible in its unpredictability and violence. Everyone would love to be able to stop it, and given the right intelligence, it can be prevented before it happens.
Recently, global leaders have decided that weakening or eliminating encryption is the best way to stop terrorism. The build-up to the demonization of encryption has been nicely orchestrated.
First, the head of the FBI made statements about how every company has been hacked; then an FBI spokesperson advised folks to pay ransom in the event of a ransomware attack because the encryption used by ransomware is so effective. In the most desperate attempt yet, some are blaming Ed Snowden for terrorism due to encryption.
All of these examples give the impression of previously respected federal agencies being beaten by a person with little more than a desktop computer.
It is very easy to blame digital encryption for the current terrorism conundrum. Things that happen in the digital realm tend to have more mystery than the secret decoder rings that we all played with as children.
However, if we look at what we are being asked to give up if we go along with the idea of weakening encryption, we are going directly to the core of the privacy rights that America’s founding citizens demanded when ratifying the constitution.
A simple review of encryption throughout history shows that it has been used for both good and bad.
Julius Caesar invented an encryption method that is still in use today to obfuscate the list of recently used programs in the Windows Operating system. Mary, Queen of Scots used secret messages and secret delivery methods to communicate her (failed) execution plot of Queen Elizabeth. Benedict Arnold used a secret messaging system during the Revolutionary war to communicate to the enemy. George Washington was no stranger to encryption, yet the right to privacy guaranteed in the Fourth Amendment was still written into the Constitution.
Encryption is simply math, and when it is not math-based, it is just cleverly scrambled characters. ThreatWire’s Darren Kitchen also makes the very astute observation that encryption is agnostic.
The privacy afforded through encryption is not a new development of the internet and it should not be treated as such. Encryption has been used in peace and war since the beginning of time, and civilization has moved forward despite the use of encryption.
Weakening it or doing away with it could be the first part of unraveling many privacy rights that we need to function not only in e-commerce and all of our trusted online activities but in our physical realm as well.
About the Author: Bob Covello (@BobCovello) is a 20-year technology veteran and InfoSec analyst with a passion for security topics. He is also a volunteer for various organizations focused on advocating for and advising others about staying safe and secure online.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Title image courtesy of ShutterStock