To: Sam Harris Re: encryption
This is my response to part of Sam Harris’ recent podcast, which is about another subject altogether (cultured, cruelty-free meat – a very interesting podcast worth checking out), but begins with his thoughts on the FBI ordering Apple to write custom software to compromise the iPhone 5C of one of the San Bernardino terrorists.
Update: There is some interesting discussion about this post on Reddit.
It seems to me that you have fundamentally misunderstood encryption. Your example of the digital equivalent of a completely impregnable physical room is actually instructive. Such rooms are already possible with PGP. It's a pure mathematics problem and it has been solved. And the terrorists, despotic governments, and any other bad actors you can think of have access to such rooms.
The Pandora's box of unbreakable encryption has already been opened. So the real question becomes:
If all the bad actors on Earth have access to such utterly impregnable data encryption and we deny that same advantage to our banks, financial institutions, and decent actors, what will the consequences be?
The Apple case
The FBI already has access to all the phone records that the phone company can offer and all of the stored data that Apple has on its servers. And the FBI also already has access to the phones of living colleagues of the San Bernardino terrorists, whose data might shed more light on the investigation. The only thing the FBI currently cannot do is unlock the phone.
And in fact, because it is an iPhone 5C, there is, in theory, software Apple could create that would allow the FBI to try “brute force” combinations on the phone until it is unlocked. The newer generation of Apple phones would be immune even from such software. So it may well be that Apple is taking a stand now at least partly motivated by the optics of the situation.
But in the very near future, the conversation won't be about whether to convince Apple to break into their own phones. It will be about whether to allow Apple to build phones that are indeed inaccessible even to them.
Just try to imagine this same exact scenario unfolding in Syria, or China, or Iran.
If you deny decent people the ability to protect their communications and data, you do nothing to stop indecent actors who will still have access to the mathematics of encryption.
A lock only the good guys can open
You argue by example, and so will I. Imagine a lock designed so that only a certain government agency had access to your luggage and nobody else. Imagine pouring billions of dollars into maintaining the security of such a lock. What exactly would you be willing to risk inside your TSA-compatible locked baggage, Sam?
There's one other thing I wanted to clarify based on your comments: there are no backdoors to financial transactions as they occur. You mentioned that there is one, but you've misunderstood. The only “backdoor” that exists comes after the transaction occurs: details may be stored by a vendor or a bank, and those records may be accessible via subpoena. This is analogous to the phone records that the FBI has already gained access to in the San Bernardino case. But if there were some way to infiltrate the communications as they occur, literally no online transaction would ever be safe again. Would you be willing to use a credit card online if you didn't believe the promise of that https:// at the beginning of a URL?
I agree with you on nearly everything. This may be the first time I've found myself diametrically opposed to your position. I'm not a security expert, but I am a software engineer and I have thought about and built secure systems for more than fifteen years. This is mathematics. And it's mathematics that already exists. Allowing only bad actors to have access to it and denying decent people that same advantage is madness.
I'd be happy to discuss further.