The Crypto-Circus comes to town -- again

As part of it's 50th anniversary celebrations, the Australian university where I did graduate work recently interviewed me on a range of cybersecurity topics. At the time of our chat, Australian Prime Minister Turnbull had just proclaimed that "the laws of Australia prevail in Australia, I can assure you of that. The laws of [cryptographic] mathematics are very commendable but the only law that applies in Australia is the law of Australia."  The prime minister went on to say that the government's cryptography problem doesn't have a quick fix -- but, and reminiscent of former FBI Director Comey and other's sentiment on the matter, he couldn't speak to specific solutions other than to imply that one remedy is for nerds to nerd harder.  So, quite understandably, the subject of government policy on cryptography became our main focus for the interview.

Frankly, there's not much different about the issues raised in the Second Crypto War today in 2017 than what was discussed, debated, and seemingly overcome during the highly controversial First Crypto War in the mid-1990s.  However, there is one significant difference: the internet and technology are so pervasive in modern society that uninformed and unrealistic policies purporting to 'solve' one government cybersecurity problem (e.g., communication surveillance for law enforcement or intelligence purposes) may well create other ones (e.g., endanger online commerce and overall cybersecurity) and end up placing the information-based fabric of contemporary life at greater risk. Then, when such predictable consequences arise, we'll see a new round of hand-wringing accompanied by high-profile hearings, reports, task forces, and government initiatives looking to address those problems.  Lather, rinse, and repeat -- it's what governments do on such matters.  Just as with prescription drug interactions, in an era of technical innovation the proclaimed cure may be far worse than the condition it is intended to fix -- in fact, it may well create other problems for the patient -- which then require some new form of 'cure' to be explored and implemented as well.  See?  Lather, rinse, and repeat.  (And profit!)

Anyway, returning from that short tangent, I thought the discussion was worth sharing as we head into the weekend.  Enjoy!

A dangerous precedent: why the tech giants are refusing to decrypt users’ data

PS: On a side note, applying the scientific logic mentioned above, a politician could declare the law of gravity to be slightly less within their national territory and thus claim overnight success for reducing a nation's obesity crisis.  Now there's an idea....

Add new comment