Digital Insurgency

Where Surveillance, Encryption & Privacy Collide

Monthly Archives

October 2016

Tech Policy Daily’s Gus Hurwitz has a post up today arguing that encryption is a distraction from true security. It’s an interesting read, but thoroughly misguided. Hurwitz suggests that the focus in tech should not be on encryption, but rather on the security of the systems. His argument boiled down:

Most cybersecurity incidents do not involve breaking encryption. Nor would they be prevented by stronger or more pervasive encryption. Consider recent incidents in the news: Yahoo!’s loss of data from 500 million user accounts, the unprecedented DDOS attack on security researcher Brian Krebs’s web site, and attacks on voting machines. These are the sort of incidents that are happening with alarming frequency; they are the sort of incidents that have the greatest potential to have tangible harmful effect; and they are the sort of incidents that all users are concerned about. …

Better or stronger encryption does little, if anything, to prevent these sorts of attacks. A more productive use of resources is to focus on better design and testing – ensuring that users securely use systems, designing security mechanisms that they won’t bypass, and designing systems that can continue to operate securely operate under compromised conditions.

On the importance of securing systems, Hurwitz is right. More attention must be paid to strengthening security overall. Corporate players, especially, should face serious repercussions for breaches that result in user data being compromised. Until there is a price to be paid, the cost of poor security practices is relatively minor compared to the cost of robust protections.

What Hurwitz misses, however, is what those protections are likely to look like. If corporate players suddenly faced stiff penalties for breached data, the first step most would take is end-to-end encryption. There is a good reason for that.

Despite Hurwitz’ dismissal of encryption, it is just as, if not more, important than security. If a system encrypted end-to-end is breached, there is little of consequence that could be gleaned from the breach because all data compromised would be stored in an unreadable format.

The reason hacks are so damaging currently is that most data is not stored encrypted. It is stored in plain text or as normal files. Once the  breach happens, the data is lost.

Under Hurwitz’ concept of security being most critical none of that changes. All systems will have vulnerabilities, no matter how much is invested in securing them. So what do you do when they are broken?

By starting first with encryption, you stop the hemorrhaging before the cut is even made. The system protects the data first, and the system second. Our current systems are completely backward in that regard, as is Hurwitz’ thinking. In an end-to-end world, content should never be viewable in transit. That is especially true when transit relies on anything as inherently insecure as the open Internet.

What’s more, you reduce the motive for attack by ensuring that anything gained will be of no value.

Hurwitz’ line of thinking, sadly, is typical of policy proposals in DC. There is a reason for this, too. By diverting the focus to security, rather than encryption, we guarantee the prying eyes of the surveillance state.

Only in an end-to-end world do we safeguard our data against all outside eyes, not just the “bad” ones.





Monthly Archives

October 2016

Yet another mainstream tech reporter has decided to draft up an alarmist piece about the hacking of the US election based on a flawed understanding of both how our elections are conducted and the reporting of other related news. CNet’s Edward Moyer threw out this misleading story over the weekend:

“Don’t blame me, I voted for the other candidate (but hackers stole my ballot).”

You might chuckle, but apparently that’s a bumper sticker we could soon encounter for real — if election officials aren’t careful.

The US Department of Homeland Security issued a statement Saturday saying hackers have been casing state voting systems, and it offered its cybersecurity assistance to any states that request it. (emphasis mine)

That link in the last line is the critical piece. It leads to a DHS bulletin in reference to the agency’s offer of help to states looking to secure systems in it, they note:

In a few cases, we have determined that malicious actors gained access to state voting-related systems. However, we are not aware at this time of any manipulation of data. (emphasis mine)

You will notice the difference between the two passages in bold above. It may seem overly pedantic or a minor semantic distinction, but it really isn’t. A “voting system” would refer to the system by which America votes. A “voting-related system” would be a supplementary system that aids in that process, but is not actually part of the voting system. In other words, as I have commented previously, the actual conduct of elections and the storage of voter information are not one and the same. Your voter registration is not tied to the machine on which you vote. The city/county/state registration databases exist separate and apart from the machines you will use to actually cast your ballot.

This is critically important for reporters covering the concern over election manipulation to get right, and yet they rarely do. Instead, like Moyer, they write these sensationalist pieces that mislead the public into conflating the illegal access of voter data with the manipulation of their sacred vote. It’s unfortunate that writers like Moyer don’t bother to actually talk to people who have spent a lifetime in elections to get the story right.