On smart cows and dumb politics
In light of the recent terrorist attack in [Insert Location] you have probably heard calls from media and politicians to ban end to end encryption and stop the terrorists from having a safe space to communicate. Such calls sound like a good idea to those who don’t really understand the technology much like a suggestion to ban guns could come across as a reasonable step to take in order to prevent attacks but to those who do understand the technology, such a call becomes as ridiculous as a call to ban cars. Lets look at why.
What is end to end encryption?
Ordinarily when you send a message on the internet for example an email or a request to view a webpage, that message is sent unencrypted (or in plaintext, to use the correct term). This means that anyone in between you and the recipient can read and modify that message. It is the physical world equivalent of sending a postcard. As the internet has matured, this method of sending message has become a security risk, since a malicious person could intercept your messages (this is clearly not good if you are sending your credit card details to make a purchase). So we have turned to encryption in order to secure the data between you and the recipient.
There are two forms of encrypted message which can confuse the conversation slightly. The first is where messages you send are encrypted on your device using a third parties encryption key and sent to a server, the third party then decrypts the message and stores it. When the recipient logs on the third party will encrypt it again and send it over to them. This solves much of the problem, but still leaves the messages on the server vulnerable if someone working at the company wants to access them for their own ends (or leak them to the internet as happened with Ashley Madison), the company itself suffers a security breach or a government asks them nicely to turn them over.
The second kind is where you encrypt the message on your device with the key belonging to the recipient, transmit it to the third parties system encrypted, where they will store it and transfer it onto the recipient when they log on. This time, only the recipient has the key to decrypt the message so it is not vulnerable whilst stored by the third party. This is the type of system that most people mean when they talk about end to end encryption.
So what is the problem with banning it?
Looking at the previous three paragraphs, you may be thinking to yourself, well I can accept a lower level of security, (1st or 2nd option) if it means we can stop terrorists from using encrypted messages as well. Pragmatically, I could probably accept the second option as a reasonable compromise /if/ it meant we could stop terrorist attacks.
Banning encryption will not stop terrorist attacks.
Even if we mandated that companies providing messaging services did not provide the second, end to end encrypted service and that they scanned all messages (on behalf of the government) for any indications of terrorist plots in the making there would still be attacks.
The logic behind banning encryption will stop terrorists stems from the fact that building an encrypted messaging service is a hard or expensive problem which will only be tackled by corporations which we can exert legal or financial pressure on to comply with our laws. Taking away the services provided by these companies will mean the terrorists will be caught.
There is some weight behind that argument: writing an encrypted app does require programming skills which very few terrorists have. The incorrect conclusion drawn from this is that only terrorists with advanced programming skills will be able to communicate securely and the rest we’ll catch from their unencrypted communications. This conclusion melts away entirely when you consider the smart cow problem.
Bovine terrorist sympathisers, have you gone mad?
No, please bear with me. Imagine, you are a farmer and that you keep a field of cows. The field is surrounded by a fence, in order for you to be able to take the cows for milking once a day, there is also a gate in the fence with a latch. You would think that you are able to go to bed at night confident that your cows will all still be in the field in the morning and for a field of ordinary cows you would be right.
What if one cow was not ordinary?
What if one cow was smarter than the average cow?
What if one cow in your field knew how to undo the gate latch?
If you were unlucky enough to have just one smart cow in your field the whole heard could escape as once the first cow figures out how to open the gate the other ordinary cows simply have to walk out through the now open gate. You may still find in the morning that one or two exceptionally dumb cows are still there as they hadn’t even realised the gate was open but most will have escaped despite not having the smarts to open the gate for themselves.
This is the smart cow problem, when faced with a difficult problem it is often only necessary for one smart person to solve it and everyone else can benefit from their solution.
The smart cow problem crops up all the time in technology a key example is that of DRM. AACS was broken by one person wanting to watch a HDDVD on an unsupported device That solution was shared. Now everyone is able to copy Bluray and HDDVD’s at will. The same is true of encrypted messengers - it only takes one smart terrorist to write an app and share it and we are in no better situation than we are now from an anti terrorism perspective but have sacrificed our own privacy for no reason.