News
net.wars: Schmidt happens
by Wendy M Grossman | posted on 22 November 2013
Google executive chairman Eric Schmidt has been making headlines again with a pair of loopy statements one hopes he chose out of a desire to be provocative rather than out of ignorance. First, he predicts that we may be able to end censorship within ten years. Second, he suggests that, "The solution to government surveillance is to encrypt everyone."
Oy. Let's take the last of these first.
"Mathematics is not your *friend*," Bruce Sterling declared in a wrap-up speech at the Computers, Freedom, and Privacy conference in 1994. At the time, it was not an overly popular message. The room was filled with people who passionately believed that freeing crypto from constraints on deployment and export was the key to privacy and security on the Internet. There were also comparisons to guns: as the argument goes, the Second Amendment is intended to ensure that the balance of power between citizens and the State is always somewhat equitable.
Granted, in the intervening nearly 20 years encryption has not spread as widely as the cypherpunks hoped. Only a tiny minority go to the trouble of encrypting email, but nonetheless you likely use encryption every day in forms that are invisible to you: every time you access a Web site via HTPPS, every time you buy something and SSL protects your credit card details in transit, and every time you make a phone call over a mobile network. And what has happened? The security services have, as we've been reading since June, gone all out to break, undermine, or bypass the encryption. And - as Sophos' Graham Cluley writes - UK prime minister David Cameron is praising them for it and wants them to do more of it to penetrate the "dark Web"
Sterling was right: mathematics has not been our friend, and for a very simple reason. No matter how powerful the encryption used to protect data in storage or transit, at some point it has to be removed so that the people using that data at either end can view and work on it. As Caspar Bowden has explained in his careful work analyzing the vulnerability of non-US cloud systems to the US's FISA, FISAA, and PATRIOT laws, we are talking here about surveillance-as-a-service. We're talking hardwired back doors and permanent taps at key points, in which case, as I wrote in July, "interception" is no longer a useful concept, and encryption is no longer a useful defense
Adi Shamir, the "S" in the most widely used public key cryptography algorithm, RSA, has often said that you don't bother trying to crack the crypto, you just go around it. In a talk he gave in March, Shamir argued as above that crypto is less and less a useful defense. His example was advanced persistent threats, which hide out inside networked systems picking off tiny but valuable items of information to exfiltrate to the mother ship, but his comments apply as aptly to NSA taps, for the same reason. There is always a moment when the data is in clear text, and that's your target. I cannot believe that the former CEO of *Google* would not know this.
The ending censorship claim is sadly equally laughable. Censorship did not arrive with the Internet; it's probably as old as cave paintings. It's been known in all sorts of human cultures from China in 300 A.D. to medieval Europe. In his latest book, Writing on the Wall, in the process of exploring historical analogues to modern social networks, Tom Standage discusses historical censorship in pre-Revolutionary France and 17th century London; in the past I have written about Catholic values-driven controls in the Republic of Ireland. Either Schmidt knows nothing of history or he's just being provocative and media-friendly (at which he obviously succeeded).
Censorship is in the eye of the beholder. Presumably Schmidt does not view Google's various efforts to block access to child abuse images, videos of crimes, and, under court order, torrent sites as "censorship". This despite the fact that, as Cluley wrote, saving me the effort, the former head of the Child Exploitation and Online Protection Centre Jim Gamble has told the BBC, search engines aren't how pedophiles search for these images. Getting the search engines to do these things will make very little difference in terms of protecting real children from actual abuse. It's child protection theater, and it's being implemented under the same kinds of threats that were made against ISP in 1996 when they argued that blocking access to 133 Usenet newsgroups would be similarly ineffective. (These were the threats that drove the creation of the Internet Watch Foundation.)
Perhaps Schmidt thinks that censorship is the content blocking that *other countries* do. People who aren't us. Which we can fix, despite millennia of human history. As George Costanza said in Seinfeld when Jerry explains that he and Elaine have come up with a set of rules to allow them to remain friends while having sex on the side ("The Deal", season 2 episode 9): "Where do you get the ego?"
Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.
Technorati tags: Eric Schmidt encryption censorship
Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, follow on Twitter or send email to netwars(at) skeptic.demon.co.uk (but please turn off HTML).
in News
net.wars: Running with scissors
net.wars: The learning channel
you're reading:
net.wars: Schmidt happens