Everything Old is New Again

No one seems to have learned anything from history, even recent history. Back in 1993 (a.k.a: The Dark Ages in internet years) the NSA’s baby, the Clipper chip, was meant to provide a back door to any system it was installed on. At the same time, the US government classified strong encryption as a munition, and investigated the creator of PGP, Phil Zimmermann, for violating the export ban.

The Clipper chip program died in just a couple of years, and restrictions on encryption were relaxed in a similarly short time span. Why? Back doors are inherently insecure and technically untenable. The restriction of a technology, like encryption, only works if you can actually keep it from being disseminated. The only reliable way to do that is to cut yourself off from the outside world and impose draconian central-authoritarian rules on your citizens.

Japan kept weapons under the exclusive control of the military by shutting its borders, confiscating weapons, and keeping those with the knowledge to create weapons under central authority. In the early days of firearms, the Japanese were actually more heavily armed than anywhere else, and with the improvements Japanese smiths wrought on the samples traded from the Dutch and Portuguese, their weapons were probably the most technically advanced as well.

In Europe, those measures wouldn’t work because any one nation that tried to hunker down and disarm its populace would place itself at a strategic disadvantage to its neighbors. The end result of isolation and technical control was that Japan was at a severe disadvantage when on the receiving end of some “friendly” gunboat diplomacy from the good ol’ US of A back in the 1800s.

In more modern times, North Korea has done pretty much the same thing over the last 60 years with regard to communications and commerce, with the result that much of its post-industrial technology, particularly its computer technology, is laughably outdated.

If FBI Director Comey gets his way, and Apple is forced to either create a tool for the government to use to unlock devices or compromise its security to provide a back door into the system software, Americans are facing not just the loss of privacy, but a loss of competitiveness in the world market. Communication and device encryption is the backbone of internet commerce.

While it may start with Apple, it won’t end there. Any technology created by American companies will be regarded with suspicion because of the precedent set. Other countries where multinational corporations do business, knowing that a US-based company will be compelled to create skeleton keys for its devices, will make providing them with the same tools a prerequisite for doing business there.

Congratulations, you’ve just given every repressive regime in the world tools to break into anyone’s phones, and not just their citizens’ either. It’s actually worse if the US tries to keep the key to itself because its very existence makes it much more likely that a foreign power or even criminal elements will find a way to steal or co-opt it and use it to break into the phones of US citizens exclusively if it is only installed American versions of the phones. If that happens, the responsible parties would have made the entire US into every nefarious agent’s online ass-bitch.

As we’ve seen with “secret” backdoor technology before, like the TSA keys, it will leak eventually. And when it does, someone will eventually exploit that security weakness to commit a serious crime or act of terrorism. The best way to protect people is to make security better to make it harder for anyone to break in — be it the FBI, terrorists, or criminals. Deliberately weakening security does not benefit either the public or, in the long run, the government.