Another Security Hole Brought To You By Uncle Sam

At this point, bringing in yet more evidence of the stupidity of government undermining actual security in the name of surveillance-state “security” seems like piling on, but this one is just too perfectly apropos to ignore:

Bad ideas from the past come back to bite us all the time, to be sure, but rarely do they do so in such neat synchronicity with a drive to resurrect them from their well-deserved graves.

While I think that limits on encryption technology have proven to be a bad idea, I don’t think the case was nearly as clear-cut when they were first implemented.

Back in the 60s and 70s, regular people didn’t rely on encryption for day-to-day security. It was pretty much just governments (and, later, banks). Wars are won and lost based on infosec, so it wasn’t a totally unreasonable idea to try to limit proliferation of the technology. And when normal people started using computers regularly, the restrictions were relaxed.

“Technology companies produce shitty software for ten years; blame government.”

It’s like Silicon Valley has been taken over by Cliven Bundy.

Er, if your apologia boils down to “the government in the 1990s followed policy designed to address the situation as it existed in the 1960s and 1970s”, you might not want to take up a career in PR. I’m just saying…

The government made policy in the 60s to restrict export of strong encryption, which was reasonable policy at the time. Since then, the government has relaxed the restrictions to match current needs multiple times.

The crappy standard in question here is one that was reasonable when it was the best thing allowed, and currently better encryption is allowed, but the code still exists to use the crappy one in many products, and there’s a way to trick software into using it.