Say so long to privacy through encryption.

[Heretic]

A new bill floating around congress seeks to be able to decrypt you messages if served a wiretap order. We all know they don't need wire taping orders any more with the patriot act.

http://www.nytimes.com/2010/09/27/us/27 ... .html?_r=1

[Isaac]

Go-go gadget ssh 2048 bit!

[Kilarin]

I can't get to the NY Times article, BUT:

Truecrypt. It's free, and its open source. No back doors!

[Heretic]

Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

[Xamindar]

This will just encourage more opensource encryption \"plugins\" to these services. There are already addons to many IM clients and email clients that allow encrypting the communications.

Of course, they can make it illegal just like watching DVDs on my PC is illegal. Pretty soon everybody will be criminals whether they want to or not.

[null0010]

Of course, they can make it illegal just like watching DVDs on my PC is illegal. Pretty soon everybody will be criminals whether they want to or not.

This, and at the same time, this:

[Kilarin]

A VERY true point from XKCD.

If anyone REALLY wants your data, there are usually much easier ways to get it than cracking your encryption.

That DOESNT mean encryption is a bad idea. Encryption is like locking your front door. It keeps out a whole LOT of people. But it wont stop a really determined criminal.

(actually encryption is much BETTER than locking your door because its less vulnerable to being picked, but still vulnerable to anyone who holds a gun to your head and says \"open the door!\")

[Grendel]

Nothing new really. Probably Biden behind it.

\"This is not Orwell's 1984, it's Gilliam's Brazil.\" Right on the mark.

[Foil]

"This is not Orwell's 1984, it's Gilliam's Brazil."

Yep.

[AlphaDoG]

Code a better mouse trap and people will just code better mice.

Sorry for the paraphrase.

[null0010]

That DOESNT mean encryption is a bad idea. Encryption is like locking your front door. It keeps out a whole LOT of people. But it wont stop a really determined criminal.

The way I figure it, I don't have any data worth encrypting. That is not to say that I think this proposed bill is good, I just don't understand the use of crypto on a personal level.

[Kilarin]

The way I figure it, I don't have any data worth encrypting.

Think of encryption on your home computer as the equivalent of sealing the envelope when you send a letter. It's not perfect, but it's easy enough to do that it's worth the effort.

[AlphaDoG]

Who do you think is targeted? Here's the cluster map for the dbb.

[null0010]

The way I figure it, I don't have any data worth encrypting.

Think of encryption on your home computer as the equivalent of sealing the envelope when you send a letter. It's not perfect, but it's easy enough to do that it's worth the effort.

What will they get if they crack open my computer? My music files? Descent levels? The files on my computer only have "sentimental" value to me.

[Isaac]

不是..I think everyone here is confusing 'hacking into your system files' with 'hacking into data, sent and received by your system', which I believe is the subject. And why would the Government want access to your SSL/TLS related activity? That's where all the good stuff is... And they're not going to hack it; they don't have to. They'll just make a law that mandates a \"carbon copy\" of all your activities from the website's firm. How does this protect us...? It doesn't, because it increases the risk of human error.

[Spidey]

Well, we will all just have to speak in plain English, nobody in the government can understand that.

[Krom]

Well, we will all just have to speak in plain English, nobody in the government can understand that.

HEH!

**************************************

Really how much surveillance is enough? I think we are already well beyond reasonable levels. The government wanting a backdoor into all these encrypted communications is just stupid and lazy and I can guarantee that the terrorists will NOT be so lazy. If they pass this it will have absolutely zero impact on fighting terrorism because terrorists are not obligated to follow the rules but it WILL further invade and erode the privacy of Americans.

At what point do we have to collectively say "While we don't have anything to hide, we still think its none of your damn business!" to all this ridiculous surveillance. This whole "war on terror", and the "war on drugs" and every other "war on macguffins" that we keep on going through are all retarded. It is obvious the government has no intention of winning because it is actively refusing to utilize its single greatest resource: The American People. In fact the government is practically aiding and abetting the terrorists by going out of its way to impede and prevent citizens from protecting themselves! Someone needs to stand up to Washington and say "This situation is unacceptable. We do not need you to protect us from ourselves. Get out of our lives!".

[Kilarin]

"While we don't have anything to hide, we still think its none of your damn business!" to all this ridiculous surveillance.

Exactly.

What will they get if they crack open my computer? My music files? Descent levels? The files on my computer only have "sentimental" value to me.

Even if you wouldn't mind others seeing whats on your computer, the principle still stands that they have no business messing with it without your permission. Just like even if you didn't have anything in your house that you didn't want others to know about, you STILL don't want strangers wandering through without permission. It's a matter of principle.

And I DO have stuff on my computer that I really would prefer others not get ahold of. Tax information, my wifes business files, my list of family and friends addresses, etc.
None of that is going to get me put in jail, none of it is particularly embarrassing, and none of it is even likely to attract a criminals attention. But I'd still just as soon it stayed under lock and key.

At church once, a teenage girl came along and grabbed my study journal. It was just a spiral notebook where I kept my Bible study notes. If she had ASKED, I probably would have just handed it to her and said, "Read away." But she didn't ask, she grabbed. And so Immediately made her give it back. Encryption helps protect information that you would rather keep private, but it's also just a good principle in general. People shouldn't be going through your stuff unless they have permission to do so.

.I think everyone here is confusing 'hacking into your system files' with 'hacking into data, sent and received by your system'

You bring up a good point, but I think the two different issues are related. Losing the rights to protect transmitted data is closely related to losing the rights to protect data stored on your own system. With people moving towards "cloud computing", its even becoming difficult to distinguish between the two.

Of course, you can use truecrypt containers to send encrypted data through email, but truecrypt isn't design to integrate directly with email (that I am aware of). There are other programs that do. (Like PGP).

Email encryption has not been made easy yet. It's generally burdensome and annoying because both parties have to be involved. That's why most people don't bother. Protecting data on your own machine though has become VERY easy. To easy to neglect.

[woodchip]

If you do not want others to see what is on your computor, don't hook it up to the internet. Have a second older comp. with nothing on it as your internet connection.

[Spooky]

░

[Ferno]

Oh! And what if the user needs to download stuff to use on the other machine? . . .
Copy it onto a CD or DVD. Then clean it off the internet machine.
Nothing stays on the internet machine but the operating system!!! Then CD/DVD
software, elected browser, Anti Virus program if needed, Firewall if needed and
plugins like Flash if needed!!!

easier solution is to have a 32gb usb stick plugged in, download directly to that, and then pull the stick.

[Spooky]

░

[[RIP]Machete_Bug]

So seriously... why would anyone pay money for an encryption software with a back door for Johnny Law?

To do so, not only would you have to assume that the government would never abuse this power, but also believe that the knowledge of how to exploit it will forever and all time remain in the hands of law enforcement. Heh.

If this passes, open source will be the only serious option.