What encryption lets us do is say, "Yes, the Internet is insecure." Bad guys are able to compromise computers everywhere, but we're able to tolerate that because if they do intercept our messages, they can't do any harm with it.
Matt BlazeFrom a policymaker's point of view, [the back door] must look like a perfect solution. "We'll hold onto a separate copy of the keys, and we'll try to keep them really, really safe so that only in an emergency and if it's authorized by a court will we bring out those keys and use them." And, from a policy point of view, when you describe it that way, who could be against that?
Matt BlazeAs the local police department might want to decrypt a phone of a criminal suspect, so would the Chinese or the Russian or the Iranian intelligence agencies like to be able to do exactly the same thing.
Matt BlazeAs we build systems that are more and more complex, we make more and more subtle but very high-impact mistakes. As we use computers for more things and as we build more complex systems, this problem of unreliability and insecurity is actually getting worse, with no real sign of abating anytime soon.
Matt BlazeThe security of computers and the Internet is a horrible and dangerous mess. Every week we hear about breaches of databases of Social Security numbers and financial information and health records, and about critical infrastructure being insecure.
Matt BlazeThe perspective that law enforcement is presenting seems to be a very narrow one that's focused very, very heavily on investigations of past crimes rather than on preventing future crimes. It's very important for policymakers to take that broader view because they're the ones who are trusted to look at the big picture.
Matt Blaze