Will the recent revisiting acknowledgement of our dwindled privacy make encryption products more user friendly? Is the hacker witch-hunt a symptom of a powerful group hedging it’s bets? Tech Crunch breaks it down.
Everyone is worried about the wrong things. Since Edward Snowden exposed the incipient NSA panopticon, the civil libertarians are worried that their Internet conversations and phone metadata are being tracked; the national-security conservatives claim to be worried that terrorists will start hiding their tracks; but both sides should really be worried about different things entirely.
Online surveillance is the one kind that can actually be stopped. One interesting thing we learned from Snowden: “Encryption works.” Right now almost all Internet traffic is completely unencrypted, or badly encrypted, or only encrypted until it reaches the first set of servers, or your host encrypts all data with the same key. But these are all, in theory, solvable problems.
If we don’t want governments (or anyone else) spying on our Internet traffic and our phone conversations, then we can stop them from doing so. Tools that seem to successfully ward off the full might of the NSA already exist: PGP for email, OTR for instant messaging, RedPhone for voice calls.
Now, these tools are all, to varying degrees, a huge pain to use. This is partly because security is hard and partly because the world could really use an anti-surveillance Jony Ive. But as time goes on, they and their ilk will become more user-friendly, and it’s only a matter of time before tools which can withstand (most of) the full might of the NSA become simple enough that their use is fairly widespread.
As long as a critical mass of techies and civil libertarians make a point of using end-to-end encryption, its mere presence won’t be enough to trigger extreme suspicion. One day quantum decryption will crack today’s codes, but the smart money is still on quantum encryption beating it into widespread use.
As for metadata — well, you can already hide your Internet metadata by using Tor. I expect similar “metadata muddying” networks to spring up for voice calls; maybe they’ll onion-route calls a la Tor, maybe they’ll just be apps that cause your phone to make encrypted calls with no actual content to other phones in the network at sporadic intervals, so that large quantities of fake metadata gets mixed in with the real stuff. Either way, the data gathered by governments can be corrupted.
To an extent, this may help explain the disproportionate and vindictive persecution of hackers like Andrew Auernheimer, Aaron Swartz, and Jacob Appelbaum. (Disclosure/disclaimer: I haven’t seen Jake for years, but I count him as a friend.) These are exactly the kind of people who are capable of throwing monkey wrenches into the gears of the online surveillance machine.
What civil libertarians should be worried about isn’t online snooping and wiretapping. It’s the surveillance that’s already becoming pervasive, if not ubiquitous, throughout the real, physical world.