Exactly. This is the same as gun control. If a technology exists, you cannot tell people to not use it; otherwise, all you've done is put law-abiding citizens at a competitive disadvantage while arming the bad guys. To argue otherwise is absolute ignorance.
> If a technology exists, you cannot tell people to not use it; otherwise, all you've done is put law-abiding citizens at a competitive disadvantage while arming the bad guys.
This comment is amazing self parody.
So what, we should we let people cook up nerve gas and anthrax and build surface-to-air missile launchers in their garages, to make sure they have competitive parity with the bad guys?
Most individuals who would even begin to consider trying to "cook up" substances like nerve gas or anthrax "in a garage" would undoubtedly die in the process, in which case problem solved.
And yes, people should be able to build "surface to air missile launchers" in their garages. It's called amateur rocketry, and last I checked it was quite a popular (and legal) hobby.
The vast majority of encryption is used in a lawful way to protect important things (information). The vast majority of firearms (in the USA at least) are used in a lawful way to protect, deter, as a hobby/for fun, and for sport/hunting.
They are very similar arguments, for a number of reasons, including the utter stupidity of attempting to make law-abiding citizens jump through even MORE hoops whilst accomplishing absolutely nothing in "preventing the bad guys from making use of" said technologies.
Do people have a need to shoot down airplanes? How about nerve gas? I don't see the comparison.
The difference is that regular people do have a need for secure communication channels. Even things other than what you typically think of as "communicating" like bill payments and shopping. Encryption is a defensive tool. It keeps people from stealing all your money.
Trying to ban strong encryption because terrorists use it is not like trying to ban nerve gases because terrorists use them. It's more like trying to ban pickup trucks because terrorists use them.
The point is, “if a technology exists, you cannot tell people to not use it” is a terrible argument for anything.
We restrict people’s use of technology in all sorts of ways to protect the basic order of society. For instance we restrict people from driving 150mph rocket cars or armored tanks with cannons on residential streets, we disallow radio jammers, we carefully regulate access to radioactive material, we don’t let unlicensed doctors implant untested medical devices, and so on.
More generally, gun control is almost entirely irrelevant to encryption. It’s an emotionally charged non sequitur which derails the discussion.
Gah. Look, I'm a big fan of end to end encryption and I'd like to see more of it out there, but this kind of post just shows we're collectively missing the point these politician/FBI types are making.
There is a huge difference between https://gmail.com type encryption and true end to end encryption. Pretending there isn't will get us nowhere. The first type is sufficient to keep out ordinary criminals, competitors, even some governments. It is not sufficient to keep out the local government itself, which can still go serve an interception order on the service provider without the target being aware of it.
The upgrade in security between true end to end crypto and user-to-service-provider crypto is essentially, that governments can no longer do that. This is a positive for avoiding 1984 style dystopias, but obviously it's rare or governments to worry about that risk (as they "know" they aren't dystopian ... and don't care to think about the future). When western governments talk about banning encryption, the only type they are really talking about is the type where they can't go to some big corporation and get the data when they want it. And that type is still pretty rare. Actually almost nobody uses it.
My biggest concern isn't so much that the government could get a warrant with probable cause and intercept a few emails or monitor my web browsing, it's that for all I know (seems pretty likely?) a significant chunk of everything I do online is intercepted and stored forever, encrypted or no.
If we allow a ban on secure end-to-end encryption, are we setting ourselves up for a future government to go back and demand access to everything we've ever done? Do I want to have somebody in 2060 datamining my entire life? It's worrying to me.
Short of putting better end-to-end encryption everywhere, I'm not sure how we prevent that. As you say, that sort of encryption is pretty uncommon, so maybe this is what we're headed toward either way. I think it's worrying.
But I'm not an expert on cryptography. Are there are other solutions?
But the fact is we can't stop people cooking up nerve gas and anthrax in their garages if they want to. Just like we can't stop them building their own encrypted apps. Banning it won't stop a determined group.
It's true that bad actors will use those things regardless of if it is legal or not. I agree it's a bad comparison because the difference here is that nerve gas and guns have potential to kill other people even if given to "good guys".
Secure communication does not kill other people, it protects yourself. We should allow everyone to have that because by taking it away the only thing we will do is harm law abiding people.
Here in the UK, there are very strong gun controls - and guess what, there has not been a single mass shooting incident since these gun controls were introduced - whereas in the USA there seems to be mass shooting incidents every other month.
EDIT I should have said mass shootings incidents in the UK are extremely rare, but of course not impossible because people can still legally keep shotguns and rifles.
France also has very strong gun controls. It is of course, more complicated than that. And, by the way, a man shot and killed 12 people in the UK in 2010 with legally held rifles: https://en.wikipedia.org/wiki/Cumbria_shootings
France's gun controls are looser than the UK's, but more importantly they don't have a defensible border. Laws are one thing: successful implementation of them is something quite different. The EU has a very weak border in general and especially once former eastern bloc countries joined Schengen, stockpiles of former Soviet weapons overnight went from one side of the border to the other.
It's not the same as gun control. A gun is a physical thing that cost money, has reliable detection mechanisms, has risk to ship, and so on. A message is just bits or timing that can be coded into anything with little skill or cost by anyone. Free tools all over the Internet to do it, too. Controlling the flow of guns is nowhere near as hard as controlling the flow of information.
Just ask all the gun control states also attempting to prevent crime and track dissidents via mass surveillance. Their failure rate is through the roof except for the most incompetent or uneducated targets. And even some of them slip through.
It's worse, because a gun is a discrete physical item. Encryption code is virtual and infinitely replicable, regulation is extremely ineffective at restricting it from those that want it.
