Quote:
Originally Posted by Steve Jordan
[...]
And BTW, your earlier post about the realities of internet monitoring is exactly what I was alluding to at the beginning. Presently, encryption is the only thing preventing ISPs or the authorities from identifying packets and documents going back and forth. Though it's not a popular opinion (nor a desired one), the fact is that this one roadblock can be taken down.
Imagine a new government regulation that restricts the encryption systems allowed by all national ISPs to a specific set of schemes, for which they have a universal or "skeleton" key... and the authority to outright block anything using a different encryption method. This is not only conceivable, it is enforceable, given today's technology. And as I stated before, if the government comes to consider it the only way to solve a problem, I can see them applying it without hesitation, "for the public safety."
Naturally, they would apply something like that to control some more heinous crime, like child porn. But if it happened to make other transactions more secure, they would consider it a win-win...
[...]
|
Others have already responded, so I'll only add what I still see missing.
Assuming your ban were workable, the US would crash spectacularly. Foreign corporations and governments would have a field-day as would the various (serious) crime syndicates. If you enforce this internationally, all countries would suffer.
Remember, there are crucial and very legal crypto applications:
- multi-national corporations (or any corp with more than one location)
- banks (they deserve specific mentioning)
- online-banking
- online shopping (all ebook sales included)
- anything requiring passwords. If you're hooked via ADSL/ISDN or some such, it's not as tragic but if you have cable, anyone in your house or even block can listen in on your traffic (depending on ISP of course). It's a shared, local LAN, after all.
- All wireless access points
- ...
Now, taking your second scheme, all countries would need the same set of keys or some other distribution, as the internet isn't a national thing. Currently, fresh keys are generated on the fly to greatly improve security which would be a problem with this new scheme. This also brings things like forward secrecy into the play.
Also, delibaretly breaking or crippling an encryption scheme is never more secure. It makes them
monitored and it adds a huge central point of failure. Don't you remember the multiple personal record thefts last year?
Last but not least, what you are describing is the very definition of a police state, mind you. All these schemes would be pointless if the government (or whoever) wouldn't log/monitor all traffic. You cannot retroactively log an incriminating packet, you need to log them beforehand.
If you have proper hints that a crime will happen, the current legal system gives you sufficient ways to monitor a suspect. These new methods only facilitate investigating large parts of the population at once and without prior evidence.
I'd like to note that I left out things like judical or congressional oversight, as they are jokes. Likewise, I did not make a distinction between pure logging and actual monitoring, as the former always leads to the later.
See the US spying scandal of last year.
We should rememner that privacy is essential to a democray (or a republic in the case of the US/a const. monarchy in the UK). Abolishing privacy is unconstitutional and should thus call the Office for the Protection of the Constitution into action. Same for violating the separation of powers and the separation of church and state.
In the end, the question is really: What is more important to you, a free society or your profit?
The same goes for terrorism and the like. What point is there in security, if you've destroyed your country in the process (with respect to it's principles or "soul"). Especially, when most anti-terror measures are little more than snake-oil to appease the masses.