Last week, the terrorism-focused GOP debate showcased several candidates’ staggering ignorance of the Internet and information security. Saturday night’s Democratic debate was no better.
Hillary Clinton was the star of the show, and used her airtime to whiff on some issues that are critical to Internet users and pretty much anybody with a smartphone.
After settling a minor spat with Senator Bernie Sanders about a breach of voter files (which were ironically unencrypted), Clinton launched into a wrongheaded tirade about the “problem” of encrypted devices.
“I would hope that, given the extraordinary capacities that the tech community has and the legitimate needs and questions from law enforcement, that there could be a Manhattan-like project, something that would bring the government and the tech communities together to see they’re not adversaries, they’ve got to be partners,” Clinton said.
“It doesn’t do anybody any good if terrorists can move toward encrypted communication that no law enforcement agency can break into before or after,” she added.
And then came the most honest sentences of the night:
“There must be some way. I don’t know enough about the technology, Martha, to be able to say what it is.”
There isn’t a way, experts say over and over, because encryption isn’t the problem. Figuring out how to poke holes in encrypted data won’t make anything safer. Not like we have any private business to hide.
Moreover, there is no proof that encrypted data has either hindered an investigation or facilitated a successful attack. In fact, the evidence often points to terrorists communicating in wide-open spaces online. (No word from Hillary how to “backdoor” our way into public data.)
This imaginary solution is yanked from FBI Director James Comey’s equally daft idea that evildoers are “using” encryption, some rarefied tool, in a way that regular people aren’t. That isn’t the case.
Though Clinton claimed “confidence in our tech experts” to solve this non-issue, those same experts were busy decrying the wrongness of her claims.
Clinton and Comey’s problem is the sweeping agreement among the scientific community and information security experts. Their consensus contends that it’s impossible to give government access to end-to-end encrypted information; an exploit for the government is an exploit for the entire world. If Comey wants to sniff around your group chats, his Candyland backdoor also puts critical infrastructure at risk.
— Amie Stepanovich (@astepanovich) December 21, 2015
— Open Tech Institute (@OTI) December 21, 2015
Aaaaaaaaand Hillary just terrified everyone with an internet connection. #DemDebate
— Edward Snowden (@Snowden) December 20, 2015
Apple CEO Tim Cook joined the chorus of experts on 60 Minutes last night:
“On your smartphone today, on your iPhone, there’s likely health information, there’s financial information,” Cook said. “There are intimate conversations with your family, or your coworkers. There’s probably business secrets and you should have the ability to protect it. And the only way we know how to do that is to encrypt it. Why is that? It’s because if there’s a way to get in, then somebody will find the way in. There have been people that suggest that we should have a back door. But the reality is if you put a back door in, that back door’s for everybody, for good guys and bad guys.”
Encryption isn’t a security issue; it’s what keeps you secure.