Crypto Wars: The Show That Never Ends

The German Interior Ministry is spearheading an effort to create a new law that would require tech companies to provide backdoors for a range of devices. It's the latest salvo in the war over encryption.

Larry Loeb, Blogger, Informationweek

December 6, 2017

3 Min Read

As the classic Emerson, Lake and Palmer song goes: "Welcome back, my friends, to the show that never ends." Only this time, it's the Crypto Wars that are being refought.

The German government is preparing a law that would make all electronic device manufacturers include a backdoor that could be used by law enforcement authorities, according to local media reports. Such a backdoor in a connected auto might disable the warning it sends to its owner when physically disturbed -- say in a police investigation.

The German Interior Ministry is spearheading the effort, and is looking far beyond stopping car notifications to suspect owners. The ministry want companies to tell the government about any future plans that they have for encryption and other protocols in products, so that the police can analyze them.

Investigators also want the power to hack back at attackers, so that they can shut down some remote computer in a crisis.

(Source: Tumisu via Pixabay)

(Source: Tumisu via Pixabay)

Some of those who have seen the draft bill also point to provisions in it that would allow the state to intercept any Internet traffic. That kind of power would allow a full-blown surveillance state with snooping everywhere. Of course, the ministry says such power would only be used under court order.

This kind of effort is not unexpected to those that have seen similar efforts arise lately in France and the UK for such backdoors.

Indeed, closer to home, the US Justice Department has revisited the issue lately when Deputy Attorney General Rod Rosenstein told an audience in London this October: "There is no constitutional right to sell warrant-proof encryption."

The push back against working encryption is on the rise, without a doubt.

Once the province only of the government, it seemed that the first crypto wars of the 1980s and 90s had established that crypto use was not only legal, but that it was enabling the establishment of a digital economy. It seems obvious that people would not give financial information to a website to pay for shopping if they did not feel that it was being protected in a secure manner.

These new efforts that hold up the straw men of terrorists and criminals to the public miss some major points here. Backdoors or decrypting will not stop someone that wishes to blow things up. They will just change methods to ones that are harder to expose, like trusted couriers and face-to-face meetings.

And if there was some master key to encryption methods, how long would it take before it was stolen by threat actors? Such a key would make it easy for miscreants to obtain anything they wanted without any trace left behind, making the situation even worse.

The balance between too little and too much privacy in social settings has been discussed for years on end. It will continue to be discussed, no doubt. But a simplistic approach such as the removal of encryption from devices can only have unintended consequences that will end up crippling the only growth area left in the world.

Related posts:

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Read more about:

Security Now

About the Author(s)

Larry Loeb

Blogger, Informationweek

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He has written a book on the Secure Electronic Transaction Internet protocol. His latest book has the commercially obligatory title of Hack Proofing XML. He's been online since uucp "bang" addressing (where the world existed relative to !decvax), serving as editor of the Macintosh Exchange on BIX and the VARBusiness Exchange. His first Mac had 128 KB of memory, which was a big step up from his first 1130, which had 4 KB, as did his first 1401. You can e-mail him at [email protected].

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights