Encryption? We don’t need no stinkin’ encryption!

0 Flares 0 Flares ×

why do we need encryption?Before we knew more than the barest details about the horrific attacks in Paris last week, both former CIA Deputy Director, Michael Morell, and the current Director, John Brennan, were playing the “blame encryption” game in general and Edward Snowden, the NSA whistleblower, in particular.

In parallel, we had Sens. John McCain, (R, Ariz.), and Dianne Feinstein, (D, Calif.) who, surprisingly, agreed with each other for the first time in maybe six years and also playing the “blame encryption” game on what they saw as the need legislation so government investigators would be able to access the content of any encrypted communications.

Okay, work with me here: Let us assume, for the sake of argument, that all of these people are right and that encryption is a bad idea,  so lets blame encryption for all our problems. It’s been suggested that secret “backdoors” could be built into encryption systems so that only government agencies with the right “keys” could read encrypted communications, but it’s pretty obvious that the bad guys would eventually discover the keys. As anyone who follows computer security knows, security through obscurity will always fail. Nope, if you’re going to make it easy for the authorities to be able to read anything and everything sent electronically, you’re just going to have to ban encryption technologies all together. So if we blame encryption for all our problems what happens?

blame encryption for everything that goes wrong?What would our world be like without encryption?

  1. First, forget online banking. You‘re already worried (or should be) about the possibility of someone hacking your password but now, with no encryption to secure your communications all interactions with your bank will have to be in the real world. You’ll have to head to the bank every week to deposit your checks and stand in line to get cash for the week. ATMs? Nope, no longer be available because they also rely on encrypted communications.
  2. Then there’s credit cards: You won’t have to worry anymore about someone stealing your card numbers because the entire credit card system relies on encryption for point of sale transactions. All transactions will now have to be manual so remember those machines with the multi-part charge slip they used to run your card through (the ones that required the merchant to be a weight lifter to work)? You’re going to love seeing them come back.
  3. Oh, and money clips! Yep, there was a reason for them and you’re going to need a new one unless you can find yours that you last used a decade ago. At least your wallet will be thinner without the credit cards but it’ll fill up again with all of those credit slips. And don’t lose those slips! They’re your transaction record if there’s a dispute.
  4. Amazon’s CEO, Jeff Bezos, will no longer be a bazillionaire but he’ll probably be doing okay working on Wall Street as a programmer because without encryption, Amazon won’t exist. And those items you ordered online last week and got in two days? Forget it, not happening in an encryptionless future. Need a book? You’ll be able to go to the local library and check out whatever you need that is, if they have it. The librarian will look it up in her Dewey Decimal System catalog. If they don’t have it, don’t worry, they’ll be able to get it from the inter-library loan system in a few days. Maybe a week. Oh, it’s obscure? Give ‘em two weeks.
  5. Yes, we’ll still have mobile phones but you’ll have to be checking your phone bill every month (the one that will arrive in the mail and be about half an inch thick) to make sure the phone company takes off all of the false calls because someone hacked your phone number (remember the scanners that hackers set up next to airports to steal your phone number? Encryption stops the bad guys from being able to get your phone details).
  6. Remember travelers checks? Get used to heading down to the bank and picking up a stack of them for your next trip out of town since most merchants won’t take your personal checks or credit cards out of state. Going overseas? Going abroad? Stop at the exchange and get a wad of local currency prior to getting on the plane (for a fee of around 15%). Money belts, money socks; yes you’re going to need that gear again if you’re going to multiple countries. It’s probably all in that box in the attic you haven’t opened since 2002.

Do you think I’ve painted an absurd scenario? Sure it is, a world without encryption is impossible but so is blaming encryption for terrorist attacks and then suggesting that trying to limit or outlaw encryption is the answer. Encryption does far more good than harm and the media, and the voters, needs to get tougher on politicians when they willfully misrepresent the facts for political ends. In our new, hyper-connected, digital world full of bad guys who want to anonymously steal from us or mess with our infrastructure and machinery from thousands of miles away, we need more encryption to stay safe, not less.

Why do we blame encryption?Horse left the barn

Finally, the encryption horse has already left the proverbial barn. There are already so many encryption libraries available that any two bit programmer could make a secure communication system if they wanted. Even considering making back doors available, to the government no less (who we all can be sure will keep it confidential), will do nothing other than create a bunch of nonproductive work for technology companies and provide back doors for hackers to get your information, which is already way too easy for them to obtain. A simpler way to put this is “If encryption is outlawed then only outlaws will have encryption”.  Let’s stop this discussion and not blame encryption and get back focused on the real problem of protecting our citizens from these madmen, and protecting our confidential information from criminals.

Agree? Disagree? Let me know …

When not standing on a soapbox, David Griffith is CEO of Azstec LLC, the creators of docNCRYPT. If you have any comments or questions, email David at dgriffith[at]azstec.com or and follow us on the Azstec Blog.

Find out for yourself how easy it is to protect your confidential information (with encryption!) and try our free 30-day trial of the docNCRYPT Outlook Plugin to see how simple it is to protect your email and confidential documents.

 Picture Credit: Alfonso Bedoya as “Gold Hat” in John Houston’s “Treasure of the Sierra Madre”, 1948

Be the first to comment on "Encryption? We don’t need no stinkin’ encryption!"

Leave a comment

0 Flares Twitter 0 Facebook 0 LinkedIn 0 Reddit 0 Email -- 0 Flares ×