SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
Stronger Locks, Better Security
What if, in response to the terrorist attacks in Paris, or cybersecurity attacks on companies and government agencies, the FBI had come to the American people and said: In order to keep you safe, we need you to remove all the locks on your doors and windows and replace them with weaker ones. It's because, if you were a terrorist and we needed to get to your house, your locks might slow us down or block us entirely. So Americans, remove your locks! And American companies: stop making good locks!
Nov 26, 2015
What if, in response to the terrorist attacks in Paris, or cybersecurity attacks on companies and government agencies, the FBI had come to the American people and said: In order to keep you safe, we need you to remove all the locks on your doors and windows and replace them with weaker ones. It's because, if you were a terrorist and we needed to get to your house, your locks might slow us down or block us entirely. So Americans, remove your locks! And American companies: stop making good locks!
We'd all reject this as a bad idea. We'd see that it would make us all vulnerable, not just to terrorists but to ordinary thieves and bad guys. We'd reject undermining our daily security in favor of a vague potential that in some cases, law enforcement would be guaranteed, quick, easy access to our homes. We'd say to the FBI: Stop right there. We need more security in the wake of these attacks, not less.
Yet that same tradeoff is similar to what's being asked of us in the attacks on strong encryption. The FBI isn't technically asking for no locks--it's asking for weakened ones so that it can guarantee that it can break any lock that we buy or use--but the end result is the same. We're made more vulnerable. As with the locks on our doors, digital locks can't be made to allow access to all the good guys and none of the bad guys. The lock can't tell the difference, and even more vulnerabilities are created by building complicated processes for storing digital keys, as demonstrated by a recent MIT report and an open letter to David Cameron by Harvard Professor (and EFF Board member) Jonathan Zittrain.
Right now the FBI's strategy is focused on putting pressure on companies like Apple, Microsoft and Google, to prevent us from ever getting access to good locks in the first place. Yet if the FBI was publicly calling for home builders and locksmiths to stop offering you the strongest possible home or office security systems, we'd see the folly of their strategy outright.
EFF and many others have long demonstrated that limiting our access to strong encryption is a bad idea. But somehow, maybe because the way these locks work is more hidden from users in the context of digital networks and tools, the argument continues to be raised by an FBI that should know better. And by politicians who should know better, too, like Hillary Clinton.
The response to to insecure networks and digital technologies must be to make them stronger. And yet this basic message is not only lost on those who call for encryption controls, but it has also been undermined by the cybersecurity approach of CISA, which instead of encouraging better security by those who store our information, pushes companies to increase the risks we already face by "sharing" more of our data with the government. Of course, the lapses in government security are already well documented. The same wrongheaded approach is on display when our Congress fails to reform the Computer Fraud and Abuse Act to protect the security researchers whose work results in better protections for us all--and instead pushes for a worse version of the law, with a still broader scope and harsher penalties.
Unlocking everyone's doors isn't the answer to global crime or terrorism. Building and supporting stronger security is.
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
Cindy Cohn
Cindy Cohn is legal director for the Electronic Frontier Foundation (EFF), as well as its general counsel, coordinating over 40 national class action lawsuits against the telecommunications carriers and the government seeking to stop warrantless NSA surveillance
What if, in response to the terrorist attacks in Paris, or cybersecurity attacks on companies and government agencies, the FBI had come to the American people and said: In order to keep you safe, we need you to remove all the locks on your doors and windows and replace them with weaker ones. It's because, if you were a terrorist and we needed to get to your house, your locks might slow us down or block us entirely. So Americans, remove your locks! And American companies: stop making good locks!
We'd all reject this as a bad idea. We'd see that it would make us all vulnerable, not just to terrorists but to ordinary thieves and bad guys. We'd reject undermining our daily security in favor of a vague potential that in some cases, law enforcement would be guaranteed, quick, easy access to our homes. We'd say to the FBI: Stop right there. We need more security in the wake of these attacks, not less.
Yet that same tradeoff is similar to what's being asked of us in the attacks on strong encryption. The FBI isn't technically asking for no locks--it's asking for weakened ones so that it can guarantee that it can break any lock that we buy or use--but the end result is the same. We're made more vulnerable. As with the locks on our doors, digital locks can't be made to allow access to all the good guys and none of the bad guys. The lock can't tell the difference, and even more vulnerabilities are created by building complicated processes for storing digital keys, as demonstrated by a recent MIT report and an open letter to David Cameron by Harvard Professor (and EFF Board member) Jonathan Zittrain.
Right now the FBI's strategy is focused on putting pressure on companies like Apple, Microsoft and Google, to prevent us from ever getting access to good locks in the first place. Yet if the FBI was publicly calling for home builders and locksmiths to stop offering you the strongest possible home or office security systems, we'd see the folly of their strategy outright.
EFF and many others have long demonstrated that limiting our access to strong encryption is a bad idea. But somehow, maybe because the way these locks work is more hidden from users in the context of digital networks and tools, the argument continues to be raised by an FBI that should know better. And by politicians who should know better, too, like Hillary Clinton.
The response to to insecure networks and digital technologies must be to make them stronger. And yet this basic message is not only lost on those who call for encryption controls, but it has also been undermined by the cybersecurity approach of CISA, which instead of encouraging better security by those who store our information, pushes companies to increase the risks we already face by "sharing" more of our data with the government. Of course, the lapses in government security are already well documented. The same wrongheaded approach is on display when our Congress fails to reform the Computer Fraud and Abuse Act to protect the security researchers whose work results in better protections for us all--and instead pushes for a worse version of the law, with a still broader scope and harsher penalties.
Unlocking everyone's doors isn't the answer to global crime or terrorism. Building and supporting stronger security is.
Cindy Cohn
Cindy Cohn is legal director for the Electronic Frontier Foundation (EFF), as well as its general counsel, coordinating over 40 national class action lawsuits against the telecommunications carriers and the government seeking to stop warrantless NSA surveillance
What if, in response to the terrorist attacks in Paris, or cybersecurity attacks on companies and government agencies, the FBI had come to the American people and said: In order to keep you safe, we need you to remove all the locks on your doors and windows and replace them with weaker ones. It's because, if you were a terrorist and we needed to get to your house, your locks might slow us down or block us entirely. So Americans, remove your locks! And American companies: stop making good locks!
We'd all reject this as a bad idea. We'd see that it would make us all vulnerable, not just to terrorists but to ordinary thieves and bad guys. We'd reject undermining our daily security in favor of a vague potential that in some cases, law enforcement would be guaranteed, quick, easy access to our homes. We'd say to the FBI: Stop right there. We need more security in the wake of these attacks, not less.
Yet that same tradeoff is similar to what's being asked of us in the attacks on strong encryption. The FBI isn't technically asking for no locks--it's asking for weakened ones so that it can guarantee that it can break any lock that we buy or use--but the end result is the same. We're made more vulnerable. As with the locks on our doors, digital locks can't be made to allow access to all the good guys and none of the bad guys. The lock can't tell the difference, and even more vulnerabilities are created by building complicated processes for storing digital keys, as demonstrated by a recent MIT report and an open letter to David Cameron by Harvard Professor (and EFF Board member) Jonathan Zittrain.
Right now the FBI's strategy is focused on putting pressure on companies like Apple, Microsoft and Google, to prevent us from ever getting access to good locks in the first place. Yet if the FBI was publicly calling for home builders and locksmiths to stop offering you the strongest possible home or office security systems, we'd see the folly of their strategy outright.
EFF and many others have long demonstrated that limiting our access to strong encryption is a bad idea. But somehow, maybe because the way these locks work is more hidden from users in the context of digital networks and tools, the argument continues to be raised by an FBI that should know better. And by politicians who should know better, too, like Hillary Clinton.
The response to to insecure networks and digital technologies must be to make them stronger. And yet this basic message is not only lost on those who call for encryption controls, but it has also been undermined by the cybersecurity approach of CISA, which instead of encouraging better security by those who store our information, pushes companies to increase the risks we already face by "sharing" more of our data with the government. Of course, the lapses in government security are already well documented. The same wrongheaded approach is on display when our Congress fails to reform the Computer Fraud and Abuse Act to protect the security researchers whose work results in better protections for us all--and instead pushes for a worse version of the law, with a still broader scope and harsher penalties.
Unlocking everyone's doors isn't the answer to global crime or terrorism. Building and supporting stronger security is.
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.