Heightened public awareness of privacy and security issues has been leading to a wave of new developments. One of them is the rise in end-to-end encryption, recently given a big boost by a couple of heavy hitters in the field:
Flattening the learning curve is a game-changer, but the real significance IMO is that it makes too-big-to-jail into a force for good:
Is this the first step toward establishing a new status quo in which government snooping via mass interception is not an issue for the same reason government snooping via psychic clairvoyance is not an issue?
No. Even assuming for the moment (which I don’t) that this just isn’t PR bullshit while it’s cooperation as usual behind the smokescreen, the security services will just throw money and technology at the problem until they can break the encryption or get a law requiring us to register keys.
They didn’t go to all the trouble they have done to let a few web browser plug-ins stop them.
But in the end I simply do not believe Google, apple or any other company cares a damn about the issue. What they actually care about is the business impact of Snowden’s revelations and that’s an image management problem.
No. We need decentralized mesh networks encrypted by default, personal web servers to replace Facebook/Gmail, full HD encryption, and the source code for any software we use before “Big Brother” is suitably stymied. And you still have to worry about back doors in your hardware.
This is a very hard problem and “Big Brother” is several thousand steps ahead of your average computer user, not to mention much better funded. You can basically kiss privacy goodbye. It no longer exists.
How do you back-door a never-repeating key code? Computers provide 2 things: massive amounts of cheap storage and fast processing. All it takes is a random character generator.
I don’t think the issue was actually about reading emails, but rather monitoring communication networks. In short, encrypting emails doesn’t matter much if you can still tell that person A sent an email to person B. It’s not as if most terrorists were explicitly outlining their plans in plain language. You can tell almost as much about a person based on who they communicate with and where they go as you can what they write or say. I don’t think the magnitude of the privacy intrusion of reading emails is substantially different than knowing when and who I send emails to, so encryption doesn’t add much value IMO.
Besides, given the NSA has intercepted servers being shipped to their final destinations in order to install backdoors without the buyer or seller’s knowledge, I sincerely doubt whatever encryption a company employs will be effective for long. Google and Yahoo don’t have the money or resources to fight developed governments of the world.
Just who do you think runs the governments of the developed world? Corporations, that’s who. The tech sector may not have the power to directly dictate government policy (like the banks and energy companies do) but they’re up-and-coming, they’ll get there soon enough.
Besides, Google etc. have been collecting metadata for profiling purposes long before the NSA jumped on the bandwagon. Granted, it’s primarily for the sake of targeted advertising, but it’s really bizarre how most consumers aren’t fazed at all by that aspect.
By secretly installing software or hardware that sends the information to the interested government agency before it even gets encrypted. Unlike some random hacker the government is in a position to pressure or bribe manufacturers and telecommunications companies into letting them directly install surveillance devices and software on your computer and on the network. Your encryption software itself may have a subroutine that sends a clear copy off to the government.
Governments essentially have unlimited resources to deal with the ‘problem’ of privacy. Even if for the sake of argument I actually believed Google et al were actually deadly serious about privacy, they could not ‘win’.
The more complex the technology, the more certain that it has a security hole, or will develop a hole with the next iteration of counter-technology.
Quarter-inch steel safes with key locks were nearly invulnerable in the Victorian era.
I love the mindset that goes against a couple of thousand years of technological history and believes that a new iteration of something invalidates further developments.
I would argue the exact opposite: that advancing technology has indisputably been infringing our privacy more and more as it evolves, not just privacy intrusions by government but also by commercial and other private interests, both legally and illegally. Who hasn’t been plagued by telemarketing calls, many of them specifically directed by marketing profilers; who hasn’t heard about Edward Snowden’s NSA revelations; who hasn’t been concerned about massive thefts of credit card and personal data from large numbers of private companies that keep extensive databases on us; who hasn’t been concerned about identity theft.
Anyone who uses credit or debit cards, or worse, generic loyalty cards like Air Miles or Avios, is contributing to vast databases that profile your whole shopping lifestyle, which databases are routinely data-mined for marketing information and sold to marketeers in various forms. There’s a Texas company called Alliance Data that makes almost $4 billion a year almost entirely from this kind of data mining and analytics. Google, Amazon, and many others are constantly monitoring your searches and surfing habits.
Put all those databases together with the fact that everything you have ever written or that has ever been written about you that is accessible to the Internet is almost instantaneously revealed to the world by a simple free search that anyone can do, and you have a scenario in which just about anything about you that is worth knowing increasingly becomes knowable. And then add to that the fact that under the Patriot Act, all such information held by government or by any company or entity under US jurisdiction must be made available on demand to any government agency deemed authorized to have it, and then tell me that the Big Brother problem is going away! :rolleyes:
But most people are smug enough to assume that they’re actually safe, either through passivity or extreme protective measures, and dumb enough to assume that there’s nothing about their lives that could be of interest or use to any sibling of Big Brudda.
I fear government misuse of the technology a great deal less than I do, say, any online entity large enough to have servers in more than one location.
Big Brother did not check email, since Oceania didn’t have any. Big Brother did know where you are. Police cars have license plate scanners. Enough of them, and enough scanners mounted on bridges and light posts and they could know where you drive. Facial recognition is coming. That combined with lots of video cameras will let them know where you are walking. Someone is experimenting with ways of encoding facial features, but you can’t encrypt license plates.
Kids who splatter their personal lives on the web are ahead of the game. When they are adults there will be no privacy, so why pretend?
Kids who are splattering their private lives on the web are playing on the information superhighway because they and their parents are too stupid to tell them otherwise.
We will have all the privacy we choose to retain. We need to choose other than letting Google et al. have free access to our personal and private lives in return for shiny toys and supposed convenience.
Theoretically, that’s pretty simple. The only place where the theory falls down is in the sense that we don’t know the future, so even though we can predict that it’s impossible to crack something which used a 1 million bit key before the end of the universe, regardless of how fast PCs can become, there’s always the chance that the next day someone invents the quantum computer and sidesteps the whole issue.
Since we do know what the potential capabilities are of quantum and traditional computers are, and if we assume that some problems can’t be solved any better than the currently known methods, then making something uncrackable is purely a matter of key length. But again, that only holds up until the day that someone discovers a mathematical or physics loophole that allows us to bypass steps.
Convenience - and usefulness - are pretty close to mutually incompatible with security. A computer off the net is much more secure; it’s also far less useful.
But the “tech sector” is not some monolithic group that all wants the same policies or even cares about the same things (even if I grant they, and other corporations control the government). Given that the developed governments of the world essentially have infinite money, and Google has a finite amount and shareholders who generally don’t give a shit about these things, it’s not even a close fight.
Which is another reason they are not gonna go too far out of their way to ensure the privacy of their users.
