Obama Just Made His Dumbest Comments On Encryption Yet 

Obama Just Made His Dumbest Comments on Encryption Yet

President Obama celebrated attending SXSW this year by doing the most SXSW thing ever: an interminable and substance-lite keynote discussion. Obama talked with Texas Tribune editor-in-chief Evan Smith about the current encryption debate — but admitted his stance boils down to "I'm not a technical expert, but let's not be absolutists about this whole 'backdoor key' thing." "Everybody's walking around with a Swiss bank account in their pocket. So there has to be some concession, for a need to get into that information somehow," Obama said. "Folks on the encryption side will argue that any key, whatsoever, even if it starts off being used for one device, could be used for every device."

This was a strange thing to say, partly because it's not illegal to simply have a Swiss bank account, and partly because Obama is openly admitting that he wants tech companies to create keys for law enforcement. While also admitting that doing so will harm security.

Obama is correct about this: Many privacy experts argue that creating special backdoor keys, even if they're intended only for narrow use, is tantamount to creating a security flaw. Cryptographers and security researchers frequently and vocally oppose creating backdoor keys for this reason.

While Obama admitted that it is "technically true" that keys pose a danger, he insisted that this danger "can be overstated".

"My conclusion so far is that you cannot take an absolutist view on this," Obama said, characterising advocates for strong encryption as "fetishising our phones above every other value".

"How we design that is not something I have the expertise to do," Obama continued, before traipsing off to eat tacos, chat with Meaghan from Foursquare and pop into the App Tent to check out some disruptive new software.

Image credit: AP


Comments

    Nice to see no bias in this article...

      So how would you pitch it?

      Remember, the idea he is pushing is that law enforcement companies be given access to all the data on your phone (and other devices) even if you haven't done anything wrong.

      Since we know that law enforcement agencies are not 100% clean, it's certain that the keys will eventually leak, opening up all the data on your devices to whoever gets the scoop - probably one or more of the better-organised criminals.

      I hope you didn't need the contents of that bank account.

      Heck, it doesn't even need a dirty cop. All you need is one person with a vulnerable family and access to the key data.

      The danger this approach is trying to fix (access to terrorist's secrets) is pretty well counterbalanced by the risks of implementing it (opening up all of the secrets of most of the public to organised crime... and possibly terrorists.) At the same time it would likely be ineffective against its chosen targets, since they could just use an unapproved app with an undisclosed key.

        And now you wrote all that,

        I would've stuck to the facts when writing this article rather than throwing in snide comments.

        The facts speak louder than extraneous rubbish. I don't disagree with the whole stance on keeping security at all, infact I'm actually in favour of what Apple and co. are doing. But when you're writing an article on such a topic, snide comments and all that detract from the facts and make it read like a 15 year old wrote it like a post on facebook.

        So how I'd pitch it: As a professionally written article rather than de-evolving into a facebook post.

        Last edited 12/03/16 12:05 pm

          Fair point, although as 80% of the article is direct quotes I feel you may be over-reading the snideness a bit. The last paragraph (of the article) definitely lowered the tone.

        Mate, your house is open to hacks at any time. It's called a crowbar. So is your car. Even your landlines are. The end of the world didn't arrive even with all of that. Your bank accounts or the cash under your bed hasn't dissapeared. There's no difference. Why should your mobile phone be the most super encrypted secure thing? As a society, we allow our property to be accessed by law enforcement with checks & balances in place. This is no different.

          Because unlike those things you described pre-phone, each is a compartment of our lives. The bank and financials used to be seperate from the home, and to understand any trends in movement required an extraordinary outlay of time and effort to physically track.

          The difference we face is that all of this information sits together on a single device. Not only that, but the confluence of data adds something greater than the sum of its parts in being able to form a predictive picture of individuals beyond what a single incursion to our lives would have probably entailed had our house been broken into, rubbish rifled through or our accounts studied.

          The digital, searchable nature of this recorded content has massive potential and is not like anything we've ever faced before. The sheer amount of incidental but vital data accessed if a backdoor is made or access granted in the same way as previous targeted warrants makes this a very important debate to have that shouldn't rely on past legal requirements. It should be argued with the acknowledgment that this is new territory and does not have an easy analogy to laws or legal solutions created in the past.

            Rubbish. You're over stating it. Just because someone can hack into my phone, doesn't mean they can hack into my bank. My bank password isn't stored on my phone. neither is my bank transactions. Yes on my phone is an application that can talk to my bank once proper authority is established, but that's it. There's another check in place.
            It'd be like me saying that our house DOES indeed contain everything. I mean, my eftpos card is in my house, so is my passport, and so is my computer. On my computer is a thing called internet explorer, which can login to my bank once I enter a password. See? Everything is actually inside my house afterall, just in the same way you say everything is in my phone.

          In most cases, access requires physical presence; and for law enforcement, typically a warrant. It's also possible to trace physical breakins in ways that are impractical or impossible for digital intrusion.

          Breaking encryption lets somebody in Russia hack into my bank account, all to prevent terrorism - which is one of the most oversold risks on the planet. From 2003 to 2012, more people died in Australia from falling off their chairs than from terrorism. Reference: http://www.crikey.com.au/2014/09/04/the-real-threat-of-terrorism-to-australians-by-the-numbers/

          (That doesn't mean the risk should be ignored; it just means it should be treated proportionately. If the money spent on anti-terrorism measures were spent on the hospital system, it's a fair bet that more lives would be saved.)

          Basically, on a risk/return basis, the risk is horribly high and the return horribly low.

          Especially since the tech is such that it's fairly easy to create an encryption app which CANNOT be cracked. When decent encryption tech is criminal, only criminals will use decent encryption tech.

    It looks like Quantum Computers will be here sooner or later and probably on phones too, so how the hell would you even attempt to backdoor them? Another thing to consider is a phone baked into the human body, no way in hell would I allow access to that.

    Perhaps we should be spending more time fixing the causes of terrorism. Takeing away people's rights are never the solution to any problem.

    Pollies and technology don't mix.

    It could be worse, the Britsh PM publicly avocated that encryption shouldn't be used;

    https://en.m.wikipedia.org/wiki/Encryption_ban_proposal_in_the_United_Kingdom

    I'd like to see him freely go about his business online without encryption... Yeah right...

Join the discussion!

Trending Stories Right Now