Contributed by webmaster on from the knee-jerk dept.
"In a floor speech on Thursday, Sen. Judd Gregg (R-New Hampshire) called for a global prohibition on encryption products without backdoors for government surveillance."Of course, I'm assuming they would prefer that "Backdoor" not exist in the crypto systems they use. What concerns me is the intentional engineering of a vulnerability into a system meant to safeguard communications. Nothing good comes from that.
If the crypto systems that I use to safeguard administrative access to my business systems, and the privacy and integrity of my customers data (as required by HIPAA) are compromised by an intentionally engineered vulnerabilty, who bears responsibility? Are the collective governments of the world willing to expend the money, time and human resources necessary to secure and monitor every business system in the world? If secure communications were compromised between a financial house and a financial market, and the market were manipulated as a result, that certainly qualifies as a national emergency. Are our governments really willing to secure everything to the extent that only their prying eyes are privy to our secrets? How will we ensure that our friends aren't gathering business intelligence by decrypting our traffic as well? Of course, our friends would never do this, as no ally of the United States has ever been accused of engaging in industrial espionage against American businesses.
I acknowledge that, in the aftermath of fear and uncertainty created by the tragic events in NYC and Washington, DC, this idea may seem reasonable to our lawmakers, but it will only serve to weaken systems used by businesses and individuals world-wide. What is to prevent the bad guys from using alternate forms of encryption, such as privately developed systems, or one-time pads? This "call" only serves to ensure that terrorists develop a preference for custom developed software, whilst making it illegal for businesses to do so.
(Comments are closed)