The Great Crypto DiversionAfter Terror Attacks, Politicians Remain Quick to Scapegoat Technology Firms
Déjà vu crypto debate.
See Also: Gartner Magic Quadrant for APM
One year after "Apple vs. FBI," British Home Secretary Amber Rudd this past weekend slammed Silicon Valley social networking firms, saying that law enforcement agencies and intelligence services cannot properly investigate criminal behavior when faced with communications that are protected via end-to-end encryption.
"If a backdoor exists, then anyone can exploit it."
"We need to make sure that organizations like WhatsApp - and there are plenty of others like that - don't provide a secret place for terrorists to communicate with each other," Rudd told the BBC's Andrew Marr on March 26.
Rudd is the latest in a long line of politicians who have been accused of using recent tragedies to push for weak encryption (see Cybersecurity, Crypto and the Politics of Blame).
In this case, on March 22, British national Khalid Masood, 52, launched an attack involving a rental car and a knife that lasted just 82 seconds before he was killed by a firearms officer. He killed four other people in the attack, and left 50 more people injured, some catastrophically.
The government has shared no evidence suggesting that Masood was radicalized online or that he used encrypted communications services.
The Appeal to Smart Technologists
On-demand access to end-to-end encrypted communications - the magical crypto backdoor - is the political and law enforcement dream that just won't quit.
Matthew Ryder, an attorney at law firm Matrix Chambers in London, says the recurring push for backdoored crypto most resembles "Groundhog Day," referring to the film in which Bill Murray finds himself caught in a time loop, repeating the same day over and over again.
Difficult to follow argument that attack by terrorist already on security radar, acting alone, supports need for new anti-encryption powers.— Matthew Ryder (@mryderqc) March 26, 2017
One well-worn trope in the debate gets regularly aired by FBI Director James Comey, who suggests that smart technologists can solve this problem - if only they would try.
Europe continues to debate this matter, too, with some governments calling for the EU to pass laws that would mandate the use of weak crypto. But Andrus Ansip, the EU's technology policy chief and the former Estonian prime minster, last year warned that there's no "black and white" answer to the problem, and that some supposed solutions might in fact cause more problems. "Sooner or later if we have backdoors, somebody will misuse these backdoors," he said.
Two Choices: Strong or Weak
In other words, crypto is either strong or weak. There's no magic exception for the good guys.
"I can't build an access technology that only works with proper legal authorization, or only for people with a particular citizenship or the proper morality," writes security expert Bruce Schneier, CTO of IBM's Resilient. "The technology just doesn't work that way. If a backdoor exists, then anyone can exploit it."
Rudd, however, claims she isn't trying to outlaw encrypted communications. "End-to-end encryption has a place," she told Sky's Sophy Ridge on March 26. "Cybersecurity is really important and getting it wrong costs the economy and costs people money, so I support end-to-end encryption."
Front Doors, Backdoors and Magic Hashtags
But she joins a long line of politicians who, to put it charitably, oftentimes appear to not know what they're talking about when it comes to encryption, or the fact that Britain's controversial Investigatory Powers Act, passed last year, gives her government the backdoor powers she's demanding.
Former Prime Minister David Cameron, for example, argued that he didn't want a backdoor for crypto, but rather a front door. "We're not asking for backdoors; we believe in very clear" - always a red-flag term - "front doors through legal process that should help to keep our countries safe," Cameron said in January 2015.
Rudd has likewise demanded access to any communications - even encrypted - with a warrant. She also used her television appearances to slam social networks for failing to prevent the spread of extremist content online, implying - without proof - that this helped drive Masood 's attack.
Like Comey, Rudd thinks smart people "who understand the technology, who understand the necessary hashtags to stop this stuff even being put up" are key to blocking the spread of extremism online.
It's not clear what Rudd meant by "necessary hashtags."
The Brexit Elephant
The EU's law enforcement intelligence agency, Europol, has an EU Internet Referral Unit designed to combat online terrorist propaganda, disrupt extremist recruitment and coordinate related intelligence-gathering and law enforcement response.
After Britain withdraws from the EU, however, it's unclear if Britain will still be able to access EU services and agencies such as Europol.
British Prime Minister Theresa May says she will trigger the formal Brexit process on March 29, thus beginning at least two years of what many expect will be messy divorce proceedings, which has already triggered economic uncertainty, the potential for another Scottish referendum and other massive changes that could easily topple the current government.
Rudd, the home secretary, is in charge of internal affairs for England and Wales and for U.K. citizenship and immigration, which is a Brexit sticking point between the U.K. and the EU.
Just three days before the historic Brexit process begins, however, she takes to television to make a straw man out of crypto.