mostlysignssomeportents:

Cryptographers and security experts gathered on the Hill yesterday to tell Congress how stupid it was to ban crypto in order to make it easier to spy on “bad guys.”

The Electronic Frontier Foundation’s roundup on the day’s events has five key takeaways from the testimony:

1. Lawmakers are willing to throw the Constitution under a bus if it helps them fight the War on Terror. For example, here’s John McCain: “ I’ve heard my colleagues, with all due respect, talking about attacks on privacy and our constitutional rights et cetera, et cetera, but it seems to me that our first obligation is the protection of our citizenry against attack, which you agree is growing. ”

2. Companies don’t want to have to leave a key to their crypto under the doormat for “legitimate” spies to use. If the companies that handle your email and sensitive data are holding onto a key that lets them look at your stuff without your knowing it, they’ll never be able to promise that your data is genuinely private.

3. Free/open source software is the elephant in the room. When crypto-deniers talk about banning strong crypto, they’re inevitably talking about forcing companies to leave your data insecure. But much of the best in security comes from the free/open source world, and no one has any idea what to do about amorphous global collectives who make and maintain tools that would be untouchable by such a ban.

4. Cops and spies have no evidence that they need a crypto ban. Despite scare stories about criminals “going dark” through crypto, no one was able to present any hard evidence about criminals getting away with it because they were using unbreakable crypto. None. According to one DA, encrypted phones account for 0.1% of all phones seized in the course of criminal investigations – and he didn’t testify that this got in the way of a conviction.

5. James Comey believes in sorcery. The hearings involved some bizarre moments for FBI Director James Comey, who is, weirdly enough, a cryptography denier: that is, he believes that cryptographers are lying when they tell him that they don’t know how to make a security system that works against criminals, voyeurs and foreign spies, but that will let him and his pals in when they want to peek at our communications.

Some of Comey’s choice remarks: “A whole lot of good people have said it’s too hard… maybe that’s so. But my reaction to that is: I’m not sure they’ve really tried.” Also, “Maybe the scientists are right. Ennnh, I’m not willing to give up on that yet.”

Read the rest…

