My latest Guardian column, Crypto wars redux: why the FBI's desire to unlock your private life must be resisted, explains why the US government's push to mandate insecure back-doors in all our devices is such a terrible idea -- the antithesis of "cyber-security."
As outgoing Attorney General Eric Holder invokes child kidnappers and terrorists, it's like a time-warp to the crypto-wars of the early 1990s, when the NSA tried to keep privacy technology out of civilian hands by classing it as a munition (no, seriously). Today, the need for the public to be able to thoroughly secure its data has never been more urgent, and the practicality of a back-door mandate has never been less plausible.
Because your phone isn’t just a tool for having the odd conversation with your friends – nor is it merely a tool for plotting crime – though it does duty in both cases. Your phone, and all the other computers in your life, they are your digital nervous system. They know everything about you. They have cameras, microphones, location sensors. You articulate your social graph to them, telling them about all the people you know and how you know them. They are privy to every conversation you have. They hold your logins and passwords for your bank and your solicitor’s website; they’re used to chat to your therapist and the STI clinic and your rabbi, priest or imam.
That device – tracker, confessor, memoir and ledger – should be designed so that it is as hard as possible to gain unauthorised access to. Because plumbing leaks at the seams, and houses leak at the doorframes, and lie-lows lose air through their valves. Making something airtight is much easier if it doesn’t have to also allow the air to all leak out under the right circumstances.
There is no such thing as a vulnerability in technology that can only be used by nice people doing the right thing in accord with the rule of law.
(Image: graffiti04, David Bleasdale, CC-BY)