September 18, 2001
4:46 PM   Subscribe

I bet 72% of Americna don't even properly understand encryption.
posted by Hackworth at 4:53 PM on September 18, 2001

Must resist....urge to gloat
posted by boaz at 4:54 PM on September 18, 2001

Doesn't your post have to have a comprehendable point before you can gloat over it?
posted by aaron at 4:55 PM on September 18, 2001

I apologize. The point was simply that the poll giveth and the poll taketh away.
posted by boaz at 4:57 PM on September 18, 2001

Eh I think Hackworth is right, I think 72% of the WORLD population doesn't know what encryption is :)

The rationale for a proposal of embedded backdoor in every american-made encryption is probably this one: "dear" terrorist, I will NOT let you take advantage of the improvements made by us against us.

I think that's just a "mediatic" or "cosmetic" attempt made by some politician to show that he really cares about the safety of the people.

Unfortunately, encryption is not a "dark" art anymore ; it probably wasn't since the times of Ceaser, Emperor of Rome (who used some kind of encryption in secret messages)

So what's the point of inserting a backdoor in "national made encryption" ? Somebody motivated and skilled will develop some different encryption scheme, use it for just one time, then use another and so on. That doesn't stop evildoers, just makes their project a little more expensive.

And what if the keys to the backdoor are compromised ? Any govt wouldn't reveal that "little" problem because they would fear derision by opposing politicians and public, not mentioning the huge cost of re-encoding all the encrypted data.
posted by elpapacito at 5:09 PM on September 18, 2001

No, no, no, no, NO!!!!

It might be different if idiots could give up just THEIR civil liberties, but unfortunately they are more than happy to give away mine....

We need an advocate. And insider advocate. A BIG WELL RESPECTED inside advocate, because I can only write so many letters to my congressmen and only donate so much to the EFF...

I hate to say it, but this whole thing has moved my political leanings from moderate right to moderate left.... Arrrrgh!
posted by fooljay at 5:13 PM on September 18, 2001

I hate to say it, but this whole thing has moved my political leanings from moderate right to moderate left

yay! another one for the dark side! I'm only three recruits away from a toaster-oven!
posted by rebeccablood at 5:26 PM on September 18, 2001

The left wants to take your economic liberties away, and the right wants to take your "civil" liberties away. Why side with either of them?
posted by dagny at 5:34 PM on September 18, 2001

Maybe the poll should come with a quiz. I'd love to see them answer 5 or 6 questions about the subject matter and correlate that with their voting.

I'm not being cynical here, we can sit around and call Americans stupid or we can test them. I'd be very curious to see something like this:

72% of Americans blah blah
40% of Americans failed a basic competency test on blah blah.

Or x% that voted yes/no failed the test.

What people and politicians fail to understand; actually I think a lot of politicians are well briefed in this matter but purposely choose to do something they can brag about during the next election. "He's tough on terrorists!"

So lets rephrase that, what is ignored is that there's no such thing as unbreakable encryption. Eventually computer speeds will catch up and make certain kinds of attacks very effective or someone will find a crack that would also make certain kinds of attacks effective. Its your upgrade path that matters. Switching to 128 bit or a whole new encryption scheme. That's important.

If crypto is becomes a legal standard we're stuck on one path with at least one known back door. Once the defacto standard gets compromised, because it will eventually, we're kind of screwed.

Of course, criminals won't follow the law anyway so its pretty much a moot point.
posted by skallas at 5:35 PM on September 18, 2001

So what's the point of inserting a backdoor in "national made encryption" ? Somebody motivated and skilled will develop some different encryption scheme, use it for just one time, then use another and so on. That doesn't stop evildoers, just makes their project a little more expensive.

When they make non-sanctioned encrypted communications illegal, then it will work quite well.

And it is at that point that many, including myself, will take up the advice of such luminaries as Thoreau, Dr Martin Luther King Jr, St Thomas Acquinas, Ghandi and even John Locke in order to protect these idiots from themselves...

yay! another one for the dark side! I'm only three recruits away from a toaster-oven!

Yes, I have to say that you are the main culprit, rebecca. Of course, I've always been liberal socially, but conservative fiscally. At this point, my priorities are shifting...

The left wants to take your economic liberties away, and the right wants to take your "civil" liberties away. Why side with either of them?

I don't "side with" either of them completely. My politics is like my religion. I disagree with almost every institution in its totality but agree with many parts of many. So is there a Nutball party, because if so, I'm joining...
posted by fooljay at 5:38 PM on September 18, 2001

The left wants to take your economic liberties away, and the right wants to take your "civil" liberties away

The current administration hasn't done such a hot job breaking harmful monopolies to preserve the ideals of open markets and free trade. Who to go with indeed.
posted by skallas at 5:40 PM on September 18, 2001

I don't think 72% of the internet-able know what encryption is.

You know, that's like saying we can't lock our doors.
posted by trioperative at 5:43 PM on September 18, 2001

Everyone who thinks that "72% of people" don't know whatever about encryption are absolutely wrong. The number's got to be higher than that.

Time to go download the latest-- well, something. (Just to be disobedient.)
posted by yerfatma at 5:54 PM on September 18, 2001

If anything passed outlawing encryption like this, I could see a violent, bloody standoff between federal marshalls, and Eric Raymond and all his guns.
posted by mathowie at 6:04 PM on September 18, 2001

Wouldn't it be a hoot if, from now on, non-U.S. software sites have two different downloads: one for the U.S. with no encryption or crippled encryption and one for the rest of the world with 6000-bit encryption?

Ha ha. Yeah. Funny. Ugh...
posted by fooljay at 6:26 PM on September 18, 2001

You know it’s a whole lot harder to get rights back once they’re suspended then give them up in the first place.

I am so sick of all these people that are all too willing – even eager – the throw away every single liberty for the sake of perceived expediency or safety. Is there any way to remind/convince these people that the concept of the US was birthed out of ideas like “Give me liberty or give me death”? Anymore it seems to be give me safety – liberty is inconvenient and overvalued anyway.

We need voluntary walled communities that people can check themselves into. Sort of like a worriers version of a roach motel where we can give them the poison they so desperately want without destroying the principals that have made the US great. Want to protect yourself (or your kids – we must protect the kids) from unwelcome thoughts/ideas/images? Great, check yourself in. Concerned about the negative impact of guns on society – no problem we’ll protect you. Think that police should have greater liberty in going after criminals or that only criminals have something to hide anyway– our cops are able to protect you to the greatest extent possible. Throw all of these people into the new safe ameriCANS and lock the f’n doors. Either that or I’ve got to get off my butt and finally build that private island/data haven where the new frontiers of liberty can be preserved after the fall of America to complacency and misplaced fear.
posted by willnot at 6:33 PM on September 18, 2001

So if this passes, what will happen to, say...

SSH
Apache-SSL
PGP

etc...
posted by CrayDrygu at 6:33 PM on September 18, 2001

The basic logic of enforcing this escapes me: are people trading nekkid pictures on alt.binaries.onanism going to be hauled into the courts because the Feds can't retrieve any plans for world domination that might just be steganographically concealed? Hell, this comment contains an unbreakably-encoded message: a garibaldi biscuit for the first agent to email me a summons.

From export prohibition to internal prohibition: how the world turns topsy-turvy.
posted by holgate at 6:36 PM on September 18, 2001

Everyone who thinks that "72% of people" don't know whatever about encryption are absolutely wrong. The number's got to be higher than that.

I can't help but think that if we explain to these people that strong encryption is the reason people can't steal their credit card numbers when they shop online, we could change some minds.

"This legislation doesn't makes it any harder for terrorists to steal our jets but does make it easier for them to steal our credit cards." Hell, I bet 72% of congressmen would believe that.
posted by boaz at 7:09 PM on September 18, 2001

Grab it while you can.

You can download PGP encryption for free from here. It integrates easily with both Outlook and Eudora. Also look into Steganography which is a form of encryption that allows you to hide information in innocent looking files - images, sound files, even other word documents. This is especially useful for those trying to combat human rights abuses. The version I use is Steganos which you can download and try for free. It works great.
posted by y6y6y6 at 10:29 PM on September 18, 2001

"You know it’s a whole lot harder to get rights back once they’re suspended [than] give them up in the first place" Really? The Draconian domestic security measures here in Britain during WWII would have given some worthies in MeFi an apoplectic fit. Looking out of my window here, I see no jackboots.
"all these people that are all too willing". I'm not too willing - I'm highly reluctant, but concede the necessity given the circumstances.
"throw away every single liberty". I'm not - I'm temporarily (see get rights back, above) conceding the right, as a law abiding citizen with nothing to fear from the authorities, to communicate without that commication being monitored.
"perceived safety" I have lived and worked in areas specifically targeted by a terrorist organisation, and protected from several planned attrocities by the successful surveillance efforts of our security forces. The safety is more than perceived.
"the concept of the US was birthed out of ideas like 'Give me liberty or give me death'"... and had the Declaration of Independence been signed in 1576, Machiavelli, not Robespierre, would be informing this debate and you would have said 'Give me security or give me death'". The concept of the dinosaur was birthed out of ideas like 'give me cold blood or give me a metabolism overdeveloped for my particular environment'. Immutability has seldom been a successful survival strategy for dealing with environments that change in kind, rather than degree.
posted by RichLyon at 2:45 AM on September 19, 2001

"You know it’s a whole lot harder to get rights back once they’re suspended [than] give them up in the first place" Really? The Draconian domestic security measures here in Britain during WWII would have given some worthies in MeFi an apoplectic fit. Looking out of my window here, I see no jackboots.
"all these people that are all too willing". I'm not too willing - I'm highly reluctant, but concede the necessity given the circumstances.
"throw away every single liberty". I'm not - I'm conceding the specific right, as a law abiding citizen with nothing to fear from the authorities, to communicate without that commication being monitored.
"perceived safety" I have lived and worked in areas specifically targeted by a terrorist organisation, and protected from several planned attrocities by the successful surveillance efforts of our security forces. The safety is more than perceived.
"the concept of the US was birthed out of ideas like 'Give me liberty or give me death'"... and had the Declaration of Independence been signed in 1576, Machiavelli, not Robespierre, would be informing this debate and you would have said 'Give me security or give me death'". The concept of the dinosaur was birthed out of ideas like 'give me cold blood or give me a metabolism overdeveloped for my particular environment'. Immutability has seldom been a successful survival strategy for dealing with environments that change in kind, rather than degree.
posted by RichLyon at 2:55 AM on September 19, 2001

(sheesh - sorry. We have about 15 minutes latency here in UK. I thought 'stop' had worked :P )
posted by RichLyon at 3:09 AM on September 19, 2001

Steganography is more about obscuring a message than encrypting it, although by the strict definition of encryption I guess it counts. But if you want to secure a message, you should encrypt with strong encryption (PGP will do) and THEN stego the ciphertext into the image.
posted by mikel at 4:07 AM on September 19, 2001

RichLyon: just for the sake of argument... :)

"You know it's a whole lot harder to get rights back once they're suspended [than] give them up in the first place" Really? The Draconian domestic security measures here in Britain during WWII would have given some worthies in MeFi an apoplectic fit. Looking out of my window here, I see no jackboots.

The active status of prehistoric security measures was a lot easier to define and control. I would easily suffer some of the Home Guard's finest pressing their ears against my window - it would, after all, be rather easy to spot when they'd gone. Licensing insidious modern methods allows for their unobstructed deployment in ways which contribute to the knowledge required to maintain their clandestine operation long after their usefulness in combating the immediate threat has expired.

"all these people that are all too willing". I'm not too willing - I'm highly reluctant, but concede the necessity given the circumstances.

I concede the perception of necessity. The efficacy, and thus the actual necessity of this and other measures being considered has not been demonstrated to my satisfaction.

"throw away every single liberty". I'm not - I'm conceding the specific right, as a law abiding citizen with nothing to fear from the authorities, to communicate without that communication being monitored.

This may be a single specific right, but it is one of the really phat ones. And everyone, everywhere, has something to fear from the authorities, especially when those authorities obtain access to reams of possibly flawed and easily manipulated data.

"perceived safety" I have lived and worked in areas specifically targeted by a terrorist organisation, and protected from several planned attrocities by the successful surveillance efforts of our security forces. The safety is more than perceived.

If safety is so enhanced by the arbitrary monitoring of all communication, and if only law-breakers have any need to feel threatened by such monitoring, why not just keep it in place? Why haven't we had it all along? Whassa prob? After all, we could stop a lot of plain vanilla internal crime that way too, couldn't we? Why have we been making such a fuss about it, I wonder?

"the concept of the US was birthed out of ideas like 'Give me liberty or give me death'"... and had the Declaration of Independence been signed in 1576, Machiavelli, not Robespierre, would be informing this debate and you would have said 'Give me security or give me death'".

Hmm, "'Give me security or give me death'". Nope. Just doesn't have the same ring to it...I'm glad we were late...

Immutability has seldom been a successful survival strategy for dealing with environments that change in kind, rather than degree.

The US has a long tradition of pretending that certain of its constitutional rights are, indeed, immutable. Like biblical gospel, the constitution can even be selectively interpreted to reveal unintended immutable rights (see Heston, Charlton). Though I usually don't award the USC stone-tablet status, in this case, I'll link arms with any assorted nut who agrees that these measures are premature and precipitous.
posted by Opus Dark at 4:51 AM on September 19, 2001

the obvious fact that this stuff is already out there and cannot be taken back, particularly from non-US citizens who don't give a damn about our laws

Yep. Fr'instance, in Europe we have human rights which protect, amongst other things, our privacy. Not sure it would apply to a suspected terrorist though. Not sure it should.
posted by walrus at 6:39 AM on September 19, 2001

Why? The Clinton Administration tried to get this for years! There doesn't seem to be any particular difference between the Dems and Reps on this issue, at least not the ones in Congress. The only people that seem to care are the libertarians.

To be fair, it was the Clinton Administration that lifted the export ban. Check out this story; the Janet Reno quote alone is worth the price of admission.
posted by boaz at 7:02 AM on September 19, 2001

RichLyon:
"The Draconian domestic security measures here in Britain during WWII would have given some worthies in MeFi an apoplectic fit. Looking out of my window here, I see no jackboots."

Well, no jackboots perhaps, but you've got Jack Straw and stuff like the RIP billbeing attempted.
posted by cps at 8:20 AM on September 19, 2001

I bet 72% of Americna don't even properly understand encryption.

This is probably true. But before we her at Enlightened MeFi Central start feeling too high and mighty, I'd suggest that the average MetaFilter user doesn't know jack shit about 72% of all kinds of useful things.

Can we give people any kind of credit at all (and I'm a certified Cranky Cynical Bastard)? In light of recent events, and presented in that same light, of course the knee-jerk public reaction is going to be "Yes! Limit this! Ban that!" But once the public becomes even slightly educated about the topic and what it entails (accessible online transactions, safe emails, hey, free speech in general), attitudes will shift.
posted by Skot at 8:38 AM on September 19, 2001

I expect the intelligence community is going to be reluctant to push for only backdoor-enabled encryption software, as it would only cut civilians off from encryption, and allow "criminals" to create there own software, without a backdoor, using open encryption standards. The CIA would rather have encryption out there that is perceived to be safe that they can actually, with some effort, crack. And I know they prefer well-known standards, like PGP and DES.

There has been a rumour going around for at least a year that any OpenPGP software you download in Europe has a Russian backdoor. Perhaps not true, but certainly possible. I wouldn't trust any encryption software that didn't give you the source code.
posted by tranquileye at 9:50 AM on September 19, 2001

Why? The Clinton Administration tried to get this for years! There doesn't seem to be any particular difference between the Dems and Reps on this issue, at least not the ones in Congress. The only people that seem to care are the libertarians.

Mmm hmmm... Who said anything about the Democrats? Where, pray tell, are the libertarians on the political scale?
posted by fooljay at 10:33 AM on September 19, 2001

WOULD SOMEBODY PLEASE TELL ME just exactly what it is I am missing out on here? What Walter Mitty pleasures am I forgoing by not refusing to offer up my stuff to the authorities? There is the air of the fox amongst the chickens, a presumption amongst the head-nodders that everyone knows what the problem is so it doesn't need to be mentioned. "If safety is so enhanced by the arbitrary monitoring of all communication," says Opus Dark, "... what are we making such a fuss about it?" I DON'T KNOW! (And stop stealing my lines:) I'm passed a link to Jack Straw, with a wink to rest, as if the contents are supposed to reveal the awful truth of innocents getting their credit cards emptied by unscrupulous FBI agents. Do they? Will they? "It also aims to offer honest computer and Internet users advice on the practical steps they can take to maintain their privacy, safety and security..." - against WHAT?

If you want to see what's on my PC, I'll create a share and let you look. I'll copy you every email I send and receive for a year (prepared to be very informed about my children). Please - somebody - do us innocents the service of elevating this from dogma and cant, and provide a couple of specific examples in which anyone has ever been undeservedly abused by the authorities as a consequence of failing to encrypt his personal information. (it is well know you should never ask a question you don't know the answer to. so let loose. but all this indirection is maddening!)
posted by RichLyon at 12:18 PM on September 19, 2001

Rich, I thought I explained this one to your satisfaction, but I know that my explanation was incomplete. It's not so much about what has happened, than about what might happen.

It's not so much about what you have on your computer as it is what the government might decide one day to make illegal after they already have removed your privacy.

I just wrote a comment (scroll down) about this to someone who's words echoed your own. Law enforcement and corporate interests in the U.S. are making a slow, but deliberate attack on personal freedoms that we as Americans hold so dear in the name of security and profits. Control and greed, pure and simple.

Also this is a pretty good article: Freedom Trumps Fear

Either way, perhaps your government is more benevolent and doesn't seem to bend over backwards to well-financed special interest groups (hi, corporate America), but ours does. If it seems ridiculously foreign to you, I'm betting that this is why.
posted by fooljay at 1:35 PM on September 19, 2001

fooljay - you explained to me how it could happen, and I accepted (and accept) it. But as yet another debate sets off without a single citation of an actual grievance, I thought I'd round out my education soliciting (thus far entirely absent) proof that something actually is happening.

I'll read your links and retire for the evening. 2 hours of clearing Nimda out of my drives has made me cranky.....
posted by RichLyon at 2:11 PM on September 19, 2001

I understand. AFAIK, no one has been arrested aside from some drug runners for not encrypting their email.

This is not to say that is how it will always be. Already, if you're in an airport, you can't even make a completely obvious joke about a bomb. What about when I send an email to a friend joking that we should blow ____ up. If things continue to go the way they are, the next thing you know I would have federal agents at my door. The Men in Black have never been known for their rich senses of humor.

Already Microsoft has included language in it's Frontpage software that the software cannot be used to create websites which disparrage Microsoft.

An encryption ban is not an imminent danger, but instead one which is cumulative. It's a battle in a much larger war going on over here... It is the jab which sets up the knockout...

If you're interested in other areas where people ARE being arrested unduly (in my opinion) find out what's going on with the DMCA... Sklyarov, Felten (not arrested, but threatened), 2600 magazine.

Odd that the government arrested Dmitry for something that it itself wants to do: circumvent encryption. Of course the difference is that Dmitry (via Elcomsoft) was doing it to ensure fair use. The government would be doing it to snoop on even its own citizens...
posted by fooljay at 3:23 PM on September 19, 2001